Use Zoom Meetings SDK embed, but with server-to-server OAuth

Hello all,

Ok, so I had created an app a few months back that helped me embed a Zoom meeting on the web app and have users be able to join. Initially, we were using JWT, but it seems that it will be deprecated next year, so I would like to begin the transition. So, just a bit of what I want to achieve:

  • Users will sign up to the app
  • Users will enter their Zoom details (PMI ID, PMI passcode, API Key, API Secret)
  • Host will be able to create events on the app, and other users will be able to join their event via the web

I had this working before, but with JWT. I know that the sample codes use the SDK, but will it be possible to see a sample using server-to-server OAuth instead? Seems like that is the closest one to how the JWT was working.

Any suggestions are welcome.

Thanks in advance!!

Greetings @rmjuarez12,

Thank you for posting on the Developer Forum. Great question! The server-to-server OAuth is the JWT app replacement. So, yes, it is possible to achieve that workflow. Similar to JWT, the Server-to-Server OAuth app type does not require an end-user authorization step as well as the redirect URL and refresh token. More details on this topic can be found below:

Also, note, with can list your Android, iOS, macOS, or Windows SDK app on the Zoom App Marketplace. See article for more details:

Alternatively, you can create and publish an OAuth 2.0 app which requires a user to authorize your app. With OAuth 2.0 you can make your app publicly available by publishing your App in Zoom Marketplace. Once your App is published on the Marketplace, you can create and join a meeting for any user that authorized your App.

Let me know if this helps.

~ Donte

Hello @donte.zoom

Thank you so much for that info! So, how can I use the OAuth to replace the JWT? Would it still be the same exact way? What I mean by that is, when creating the signature and such, do I have to make any specific changes? Mind you, what I want to achieve is for any user to be able to join a Zoom meeting via the web. Ofc, I am setting restrictions (such as limit of participants and such that a host can put), but ultimately, use Zoom Web SDK.

@rmjuarez12, OAuth would be leveraged to grant your app access to Zoom resources. So, for example, with meeting read and write scopes, your app can create meetings for any user that installs your Marketplace app. To generate the signature, you would use the app type of SDK. So the only thing you would need to switch out in this regard is your JWT for SDK Client ID and Secret.

Get a user’s ZAK token

Also, "after a user completes the OAuth2 authorization flow, you can use their access_token to call the Get User Token API. The user’s ZAK token can then be passed into the Meeting SDKs to start the user’s meeting or webinar."

@donte.zoom

Thank you for supplying that. Does this mean that every user will need to create an SDK app type to be able to use their Zoom? Essentially, I want to use the user’s Zoom details for meetings. Something like this:

  • Host creates an account on our app
  • Host can create a “Live Event” post on our app
  • Host will use his/her Zoom account for the meeting itself. In other words, their meeting ID, passcode, and API keys.
  • Host will start a Zoom meeting using the Zoom app using his/her PMI
  • Other users will join the meeting via our WebApp by clicking “Join” on the “Live Event” post

That is what I want to achieve. I was able to achieve that using JWT App type, but seeing as it will be deprecated, I need to transition.

So again, my question is, every user will need to create an SDK App type?

No, that is what OAuth 2.0 handles as it allows one to create a meeting on behalf of the user.

@donte.zoom

Once again, thanks! I am sorry if I am asking so many questions. Ok, so I have one last question. This is what I am using so that a user can join a meeting:

const initializeMeeting = () => {
    ZoomMtg.init({
      leaveUrl: leaveUrl,
      isSupportAV: true,
      success: (success) => {

        ZoomMtg.join({
          signature: signature,
          meetingNumber: meetingNumber,
          userName: userName,
          apiKey: apiKey,
          userEmail: userEmail,
          passWord: passWord,
          success: (success) => {
            console.log(success);
          },
          error: (error) => {
            console.log(error);
          },
        });
      },
      error: (error) => {
        console.log(error);
      },
    });
  };

In here, the apiKey, meetingNumber are from the user initiating the meeting(host), while the username and useremail is from the user joining. Based on the code above, what changes do I need to make to adjust and use the workflow I mentioned a few messages back.

@rmjuarez12

In the Join Function, include the zak property. See SDK reference for full method offerings:

https://marketplacefront.zoom.us/sdk/meeting/web/ZoomMtg.html#join

@donte.zoom

Ah ok, so basically replacing the apiKey with the ZAK token I get from the meeting room I am joining, correct?

@rmjuarez12,

You will want to review the Get a user’s Zak Token for implementation support article for more details, but, once you get the user’s ZAK token, you can then pass it into the Meeting SDKs to start the user’s meeting or webinar.

@donte.zoom

Alrighty, thank you!! I guess I will have to experiment and such before anything else. Thank you so much for pointing me in the right direction.

Glad the resources were helpful @rmjuarez12!

Hi @donte.zoom, I have the same issue as Richard. Before, we used JWT to create the app, and used its settings to create meetings/webinars on the server side, and passed the same JWT API key to the web client to join the meeting. All worked fine. Now I have changed to use server-to-server OAuth to create the meeting, but I can’t use the server-to-server API key for the web client. It returns a “signature is invalid.” error when joining the meeting. As in the description above, it seems we must create two apps, one for server-to-server OAuth, the other for Meeting SDK. Am I correct? If yes, it seems the user needs to build too many apps (we allow our website users to use their own Zoom account, and provide the app settings).

@jh.ddxp ,

Thanks for the tag! If you are looking to authenticate the Meeting SDK, then you will need to use the credentials from the meeting SDK Marketplace app. I should note the SDK generates credentials for OAuth and SDK. To learn more, see support documentation below:

Create Meeting SDK App

https://developers.zoom.us/docs/meeting-sdk/create/

Authorize Meeting SDK

https://developers.zoom.us/docs/meeting-sdk/auth/

@donte.zoom Thank you for your help. I have migrated successfully.

Whoot, whoot! Glad to hear you successfully migrated @jh.ddxp !

Hey, I am facing an issue after migrating from JWT to server-to-server OAuth. The issue is signature invalid, sometimes fail to join meeting, and invalid parameter. I am also using the latest token generated by client ID and secret.
async generateSdkSignature(meetingNumber, type) {
  const iat = Math.round((new Date().getTime() - 30000) / 1000)
  const exp = iat + 60 * 60 * 2
  const oHeader = { alg: 'HS256', typ: 'JWT' }

  const oPayload = {
    sdkKey: process.env.ZOOM_SDK_KEY,
    mn: meetingNumber,
    role: type,
    iat: iat,
    exp: exp,
    appKey: process.env.ZOOM_SDK_KEY,
    tokenExp: iat + 60 * 60 * 2
  }

  const sHeader = JSON.stringify(oHeader)
  const sPayload = JSON.stringify(oPayload)
  const signature = KJUR.jws.JWS.sign('HS256', sHeader, sPayload, process.env.ZOOM_SDK_SECRET)
  return { signature, apiKey: process.env.ZOOM_JWT_API_KEY };
}

In this API I have also changed the SDK key to the client ID and secret to secret, but I am unable to join the meeting.
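
Added example, not part of any post in this thread and not Zoom's own code: a server-side signer for the payload fields shown in the snippet above, plus a pre-flight check that flags the case where the key handed to the web client differs from the key inside the signed payload (the snippet above signs with ZOOM_SDK_KEY but returns ZOOM_JWT_API_KEY). It uses Node's built-in crypto instead of KJUR; `checkSdkSignature` and its result strings are hypothetical names, and the key and secret values are placeholders the caller supplies.

```javascript
// Added example. The Meeting SDK secret stays on the server; only the
// signature and the matching SDK key are sent to the browser.
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');

// Build the HS256 JWT with the same claims as the snippet in the thread.
function generateSdkSignature(sdkKey, sdkSecret, meetingNumber, role, nowMs = Date.now()) {
  const iat = Math.round((nowMs - 30000) / 1000); // backdated 30 s for clock skew
  const exp = iat + 60 * 60 * 2;                  // two-hour lifetime, as in the thread
  const header = { alg: 'HS256', typ: 'JWT' };
  const payload = { sdkKey, mn: meetingNumber, role, iat, exp, appKey: sdkKey, tokenExp: exp };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const mac = crypto.createHmac('sha256', sdkSecret).update(signingInput).digest();
  // Return the key that was actually signed, never a key from another app.
  return { signature: `${signingInput}.${b64url(mac)}`, sdkKey };
}

// Pre-flight check to run before sending the pair to the client.
// Returns 'ok', 'malformed', 'bad-mac', 'key-mismatch' or 'expired'.
function checkSdkSignature(signature, clientKey, sdkSecret, nowMs = Date.now()) {
  const parts = signature.split('.');
  if (parts.length !== 3) return 'malformed';
  const expected = crypto.createHmac('sha256', sdkSecret)
    .update(`${parts[0]}.${parts[1]}`).digest();
  const given = Buffer.from(parts[2], 'base64url');
  // Constant-time comparison; the length test guards timingSafeEqual.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return 'bad-mac';
  }
  const claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  if (claims.sdkKey !== clientKey || claims.appKey !== clientKey) return 'key-mismatch';
  if (claims.exp <= Math.floor(nowMs / 1000)) return 'expired';
  return 'ok';
}
```
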