Hello Team,
I have implemented a cloud run service on GCP that changes zoom contact center agents status when they sign in to zoom client from “not-ready” to “ready”.
I implemented this on my GCP personal instance where i allowed invocations to the service for “Allusers” and this works fine and i could validate the URL with no issues and i can receive the webhook notifications, just wanted to mention that so you know that the code that is used to validate the cloud run service URL is valid.
I am implementing the same cloud service on Corp instance, and because this follows IAM restrictions, i assigned the proper roles and generated an access token for the service account that will be used to invoke this cloud service. I validated the jwt token generated using https://jwt.io/ and i see that it is valid token with(header, payload, and signature) and identifies correctly the payload parameters as seen below
{
"aud": "https://<my_service>-uc.a.run.app",
"azp": "project-service-account@<my_project>.iam.gserviceaccount.com",
"email": "project-service-account@<my_project>.iam.gserviceaccount.com",
"email_verified": true,
"exp": 1713376412,
"iat": 1713372812,
"iss": "https://accounts.google.com",
"sub": "103391207022993207898"
}
The issue is that when i used the custom authorization header option to validate the webhook and use the custom-header key as “X-Serverless-Authorization” and put the token value in the Custom-header value, this token is stripped to allow only 477 chacareras while the actual token has 1342 characters so i can not validate the cloud run service URL.
How can i resolve this issue?