Webhook Validation using Google Apps Script


I am having trouble validating my endpoint, which is a Google Apps Script.

Endpoint Google Apps Script code

const sT = "XXXXXXXXXXX"

function doPost(e) {

  const requestMessage = e.postData.contents;
  const requestJSON = JSON.parse(requestMessage)
  const pT = requestJSON.payload.plainToken
  var signature = Utilities.computeHmacSha256Signature(pT, sT, Utilities.Charset.US_ASCII);
  var hexString = signature
    .map(function (byte) {
      // Convert from 2's compliment
      var v = (byte < 0) ? 256 + byte : byte;

      // Convert byte to hexadecimal
      return ("0" + v.toString(16)).slice(-2);

  const response = {
    plainToken: pT,
    encryptedToken: hexString

  return JSON.stringify(response)

The validation always fails. I have tried several formats for the return function. Not sure what is wrong, and there is not explicit example I can find.

Thanks so much!

Here is the session regarding Webhook Validation. If still a problem then please share it here. Thanks

Thanks for your reply, but it was for Node.js. I meant for Google Apps script.

@shinseikaikanoffice @elisa.zoom @donte.zoom I tested locally with google script and nodejs working crypto js sample generated encryptedTokens both are the same.

But the issue is google script needs a pre-flight request with the 302 Found redirect and that is the actual issue from the (Client Side/App Validate Button) webhook validation with the google script endpoints.

For reference attaching both screenshots of the Google Script API response :point_down:

The localhost:3000 NodeJS working sample response (**same**) :point_down:

1 Like

@freelancer.nak Thank you for the all checkups. I understand that the problem is google apps script response. It is impossible to change the google apps script response, so the solution is having a new node.js server for the zoom webhooks. Is it right?

@elisa.zoom @donte.zoom Please verify from engineers, what is going wrong when validating the webhooks endpoint with google script endpoint.

For now, we will wait until get the response from @elisa.zoom @donte.zoom.

@freelancer.nak @elisa.zoom @donte.zoom
Thank you for your replies.
I gave up doing by Google Apps Script, and I am making a node.js server. It is working.(endpoint verification part has been done).

1 Like

@shinseikaikanoffice Great. Welcome & Thanks

1 Like

Now is the problem with webhook validation in goole app script is solved or not ???
me to wanted to verify webhook in google app script
@freelancer.nak @shinseikaikanoffice @freelancer.nak

I am trying the same.
Any suggestions from the Zoom team on what to do here ?
Or are we saying tools like google appscript which expect a 302 redirect will not work with zoom webhooks ?

Just commenting that Iā€™m having issues with Google Apps Script and Zoom webhook validation myself. Perhaps this is why?

Let me make it clear. It is impossible that zoom webhook app verify the response from google apps script app endpoint.

The reason is that

  1. Google apps script sends response from the url which is different from the endpoint url.

  2. Zoom webhook app verify a response only from the original endpoint url.

Zoom webhook app -request-> google apps script endpoint url( https://script.google.com/macros/s/++++++++/exec ) -redirect302-> https://script.googleusercontent.com/macros/echo?xxxxxx -response-> zoom webhook app

That is why it is impossible.

i made my website please check and review and tell me about it