I tend to use PowerShell for most of my admin activities so when I started getting requests to automate things for Zoom I didn’t see any reason to change.  

Requiring a JWT token was a little bit of a challenge in PS but since I took the time to figure it out I thought I would share it here.

The function to create a token is:

function Get-ZoomToken
{
<#
.Synopsis
Create a JWT token using HMAC-256
.DESCRIPTION
Create a JWT token using HMAC-256 for use with the ZOOM version 2 API
.EXAMPLE
Get-ZoomToken -api_key <zoom api key> -api_secret <zoom api key secret>
.AUTHOR
Anthony Brown (anthony.brown@asurion.com)
#>
[cmdletBinding()]
param(
[Parameter(Mandatory=$true)][String]$api_key,
[Parameter(Mandatory=$true)][String]$api_secret,
[int]$timeout = 15
)

Sadly, the easiest way to get these DLLs is to create a new VS project and install Microsoft.IdentityModel.Tokens

and System.IdentityModel.Tokens.Jwt packages via NuGet and then copy them out of the packages <navigate to correct .NET version>

folder under your VS project directory.

$null = [System.Reflection.Assembly]::LoadFrom(“C:\PS Script\MyAssemblies\Microsoft.IdentityModel.Tokens.dll”)
$null = [System.Reflection.Assembly]::LoadFrom(“C:\PS Script\MyAssemblies\System.IdentityModel.Tokens.Jwt.dll”)

$SecurityKey = [Microsoft.IdentityModel.Tokens.SymmetricSecurityKey]::new([System.Text.Encoding]::UTF8.GetBytes($api_secret))
$credentials = [Microsoft.IdentityModel.Tokens.SigningCredentials]::new($SecurityKey, [Microsoft.IdentityModel.Tokens.SecurityAlgorithms]::HmacSha256)

$header = [System.IdentityModel.Tokens.Jwt.JwtHeader]::new($credentials)
$payload = [System.IdentityModel.Tokens.Jwt.JwtPayload]::new()

$payload.Iss = “$api_key”
$payload.Exp = (Get-Date).AddMinutes($timeout).ToFileTime().ToString()

$secToken = [System.IdentityModel.Tokens.Jwt.JwtSecurityToken]::new($header, $payload)
$handler = [System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler]::new()

$token = $handler.WriteToken($secToken)

$token
}

An example of using the token to pull a list of zoom users may look like this:

function Get-ZoomUsers
{
[cmdletBinding()]
param(
[Parameter(Mandatory=$true)][String]$token
)
$headers = @{“Authorization” = “Bearer $token”}

$BaseUri = ‘https://api.zoom.us/v2/users’

$page_number = 1
$page_count = 1

$Users = @()

do
{
Uri = "($BaseUri)?page_size=200&page_number=$page_number"

$UserList = Invoke-RestMethod -Method Get -Uri $Uri -Headers $headers

$Users += $UserList.users

$page_number++

Sleep -Seconds .2
}
until ($page_number -gt $UserList.page_count)

$Users
}

I hope this is helpful.

Hello, you can set the JWT expiration time a little longer, so you don’t need to get JWT token every time. 

thanks for sharing

Very helpfull! Thanks!

This works great without the DLLs

thanks Test_SSO…this helped a lot!

Hey @satwinder.dhillon,

Happy to hear you found valuable info!

-Tommy