Webhook was delayed and came with an invalid download token

zoom-test · March 24, 2020, 6:01pm

Description
A meeting that was 160 minutes long and started on roughly “2020-03-16T15:00:00Z” did not have its recording completed webhook arrive until about “2020-03-19T02:32:31Z”. Nearly 2 1/2 days later. This wouldn’t be a huge problem (guessing this came late because of heavy load on Zoom) but the download_token that it came with was already expired.

Error
Download token already expired when received. This was discovered by decoding the payload and checking the expiration time.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
Recording Completed Webhook

Which Endpoint/s?
Knowing the API endpoint/s can help us to identify your issue faster. Please link the ones you need help/have a question with.

How To Reproduce (If applicable)
Unsure, have an app that gets recording webhooks and record a long meeting during high traffic times

Additional context
If you want the webhook I can DM it. But it seems that sending out an already expired download_token with a webhook.is not the desired behavior.

Another question while I have you. Is the default expiration for webhook download tokens ones day? Has this changed recently?

tommy · March 24, 2020, 9:39pm

Hey @zoom-test,

Please see my post here regarding the invalid download token:

This actually isn’t an issue of the download token expiring. There is a bug in code we released over the weekend, and we are working on a fix.

Also, you can stay updated about the Cloud Recording delays here: https://status.zoom.us/incidents/5hdzb14vhxyv

Thanks,
Tommy

zoom-test · March 24, 2020, 10:42pm

Hi @tommy,

I’m not quite convinced that this is the same issue. This seems more tied to the delayed webhooks than downloads just not working.

That thread talks about someone who was downloading the recordings previously without adding the download_token. That is not the case for us. We add the download_token by default to all recordings we download (until downloads support OAuth token bearer authentication downloads, which was supposed to be shipped this weekend.) Those download_token’s appear to be just a form of JWT that has a hard coded expiration date/time. When we received it via webhook, it was already expired. (They can be examined using numerous tools jwt.io has one on their page).

So if webhooks were being delayed that much then that is something to look into that the token was generated, webhook sending got delayed, webhook sending finally happened, but the token was already expired because it was delayed for so long. At least that is my theory.

Also using the JWT app is not an option for us as this is marketplace app.

Again my question, what is the default expiration time for download_token’s from the webhooks? This is not documented anywhere. Right now it looks to be about a day long.

tommy · March 25, 2020, 5:34am

Hey @zoom-test,

There are a few more threads which mention the download_token was not working:

Good thoughts, but I’m pretty sure the token is generated once the webhook is sent.

That being said, we are working on a fix for this asap. I understand you can’t use the JWT since it is a marketplace app, I will update you once it is fixed.

The token lasts for 24 hours.

Thanks,
Tommy

zoom-test · April 2, 2020, 3:59pm

@tommy, Hey,

We saw another instance of this where the webhook from a 1 hour recording from 3/31 did not arrive till today (4/2) and the token said it expired on 4/1. Will this be fixed soon? This impacts our ability to serve customers.

tommy · April 2, 2020, 10:53pm

Hey @zoom-test,

We are looking into this issue. Can you please private message me the affected meetingIDs and webhooks you received late? (ZOOM-149070)

Thanks,
Tommy

tommy · April 7, 2020, 6:11am

Hey @zoom-test,

You are right, the issue is the download_token expires before the webhook is sent.

We are currently working on a feature to fix this. I will keep this thread updated.

Thanks,
Tommy