Hello, I would like to create a webhook that notifies whenever a recording becomes avaliable to download.
According to the documentation, the endpoint URL must be TLS certified by an official CA, however, since I have an static IP I was planning on just opening a port for the webhook in the firewall and allowing all the zoom IP’s through.
Would it be possible for the api to communicate to that port instead of using a domain and without needing to be certified?
Hi,
To implement Zoom webhooks, it’s mandatory to use an HTTPS endpoint secured with a TLS certificate from a recognized Certificate Authority (CA). This is required to ensure secure communication between Zoom and your server.
If you’re using a static IP, you can configure it as https://<IP>:<port>. However, you still need a valid SSL/TLS certificate, which can be challenging to obtain directly for an IP address since most Certificate Authorities don’t issue certificates for IPs. Using a domain or subdomain is generally the preferred approach, as obtaining an SSL certificate for domains is much easier.
For a quick solution, you can use tunneling services like Ngrok to expose a secure HTTPS endpoint linked to your local server. Alternatively, you can use a tunnel with your live server VM, which allows secure access to your webhook endpoint without requiring an immediate domain setup.
Let me know if you need further assistance!
Would there be major distavantages at using the Ngrok method regarding security and/or traffic control? I was thinking about it but though that maybe fully securing that service would be kind of sketchy and tedious compared to restricting communication via port and firewall rules
This topic was automatically closed 368 days after the last reply. New replies are no longer allowed.