User token expiration

API and Webhooks
1

Description
Has the user token an expiration or does it change in any way during the user entity lifetime? I’m asking because the token is opaque and it is not clear how often do I need to get it.

Can it be stored in a secure way on my server and be reused without having to call the Zoom API?

Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT

Which Endpoint/s?
/users/{userId}/token

Thanks!

2

Hey @bragma,

See the token expiration here:

Screen Shot 2020-04-09 at 6.36.30 PM
Screen Shot 2020-04-09 at 6.36.30 PM1494×296 32.3 KB

Thanks,
Tommy

3

Thanks, probably I needed to elaborate from the beginning.
Can I assume that the user token will not change and store it in another storage to avoid making an API call? It seems that ZAKs have expiration, but user tokens do not.

Thanks!

4

Hey @bragma,

If you are finding that the user tokens don’t change, then yes, you can store.

Thanks,
Tommy

5

I was expecting you to tell me if user tokens change and when! :slight_smile:

My plan is to get them when users are created and store them (forever?) in my backend so I can get them when needed without having to go to the zoom api. If I am correct, they are needed to join meetings as host with mobile SDK, the zak is not enough.

Does it make sense?
Thanks!

6

Hey @carson.zoom,

Can you confirm if user token changes or needs to be refreshed?

image

Thanks,
Tommy

7

Hey @bragma @tommy,

The token does not change for each User but the zak changes around every 2 hours. Users would need both of them to start a meeting with tokens in SDK.

Thanks!

2 Likes