[WebSDK 2.9.7] Signature is invalid

Hi there,
I don’t understand why I’m getting “Signature is invalid.”
i already read all topics about this thing, but didn’t find a solution.

I’m using WebSDK 2.9.7
I’m generating signature locally in angular (just for testing) with this code:

  }: {
    sdkKey: string;
    sdkSecret: string;
    meetingNumber: string;
    role: number;
  }): string {
    const iat = Math.round(new Date().getTime() / 1000 - 60);
    const exp = iat + 60 * 60 * 2;
    const oHeader = { alg: 'HS256', typ: 'JWT' };

    const oPayload = {
      sdkKey: sdkKey,
      mn: meetingNumber,
      role: role,
      iat: iat,
      exp: exp,
      appKey: sdkKey,
      tokenExp: iat + 60 * 60 * 2

    const sHeader = JSON.stringify(oHeader);
    const sPayload = JSON.stringify(oPayload);
    const signature = KJUR.jws.JWS.sign('HS256', sHeader, sPayload, sdkSecret);
    return signature;

And call a component view with this code

await client.init({ zoomAppRoot: meetingSDKElement!, language: 'it-IT' });
    await client.join({
      sdkKey: sdkKey,
      signature: this._generateSignature({
      success: (_: any) => {
      error: (error: any) => {

checking data using jwt.io looks legitimate to me.

What else can i check?

@dedonnodev Hope you will be fine.

Here are the sessions regarding WebSDK Integrations

I followed also those videos, but i got always Signature is invalid

@dedonnodev NodeJS Signature Sample :point_down:

const KJUR = require('jsrsasign');

function signatureHelper(req, res) {
    const iat = Math.round(new Date().getTime() / 1000) - 30;
    const exp = iat + 60 * 60 * 2

    const Header = {
        alg: 'HS256',
        typ: 'JWT'

    const Payload = {
        sdkKey: 'SDK-KEY',
        mn: req.body.meetingNumber,
        role: req.body.role,
        iat: iat,
        exp: exp

    const sHeader = JSON.stringify(Header);
    const sPayload = JSON.stringify(Payload);

    const meetingSignature = KJUR.KJUR.jws.JWS.sign('HS256', sHeader, sPayload, 'SDK-SECRET');

    return res.json({
        signature: meetingSignature,
        sdkKey: 'SDK-KEY'

you can check if Meeting SDK key/secret are active and working

the sample app on github is suitable for this

the CDN version is ready to use with a few simple steps

CDN/js/index.js:20 var SDK_KEY = "YOUR_SDK_KEY";
CDN/js/index.js:26 var SDK_SECRET = "YOUR_SDK_SECRET";
CDN/js/index.js:112 ... "/meeting.html?" // replace '/' with './'

CDN/js/meeting.js:31 leaveUrl: "/index.html", // replace '/' with './'

@dedonnodev ,

Are you still having issues with this?
Let me know, and I’ll see how I can help to triage this.

Hi there, also with “meetingsdk-web-sample” i got “Signature is invalid.”
but i don’t understand how.
With an old version of sdk “2.3.5” it works.

Same keys, same meeting.

@dedonnodev ,

previously on 2.3.5, were you using API key? In version 2.7 and above, you will need to use SDK Key instead


Let me know if you need more details, will be happy to walk you thru this

I didn’t know there was that guide.
Now that i converted jwt to sdk everything works.

Thank you

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.