I am developing a recording/scribing bot using the Meeting SDK for Web (Component View, v3.9.0). The application generates a signature on the backend and uses client.join() on the frontend.
Currently, my application is in Draft (Unpublished) status on the Marketplace. The Issue:
Success: When the bot attempts to join a meeting hosted by the same account that owns the Marketplace App credentials, the join is successful.
Failure: When the bot attempts to join a meeting hosted by an external user (a different Zoom account entirely), client.join() fails immediately.
Error Log: { "type": "JOIN_MEETING_FAILED", "reason": "Fail to join the meeting.", "errorCode": 200 }
Technical Context:
SDK Version: 3.9.0 (CDN version)
View: Component View (ZoomMtgEmbedded)
Signature Generation:
Using standard JWT signature generation.
role is set to 0 (Participant).
meetingNumber matches the target meeting.
App Status: Draft / Develop.
My Questions:
Is this errorCode: 200 the expected behavior for a Draft/Unpublished SDK App attempting to join external meetings?
Does the âDraftâ sandbox restrict the SDK key to only work with meetings hosted under the developerâs account?
Can you confirm that Publishing the app (or requesting specific scopes) will resolve this cross-account joining issue?"
I can confirm that this is expected behavior. If you havenât published your Zoom app yet, you wonât be able to send bots to join calls hosted by external Zoom accounts. You can read more about this from Zoomâs Meeting SDK documentation. Also, starting on February 23, 2026, you will also need to provide either an OBF token or a ZAK token to join meetings outside of your own Zoom account.
If youâd prefer a simpler integration where bot infrastructure is managed for you, Iâd recommend checking out the Recall.ai API. Itâs a simple 3rd party API that lets you use meeting bots to get raw audio/video/metadata from meetings without you needing to spend months to build, scale, and maintain these bots.
Here are the API docs if youâre interested, let me know if you have any questions!
We are deploying a published Meeting SDK integration where a server-side bot joins meetings hosted by external users (Customers) to assist our internal Agents. The bot authenticates using a ZAK generated via our Server-to-Server OAuth app (scoped to our Agent or a Service Account).
Does this joining flow impose any dependencies on the external Host? Specifically, if the external Host has not installed our app, will the botâs entry via ZAK trigger any specific âAllowâ prompts or require Host-side configuration, or is the join authorization fully self-contained within our Appâs scope?