Why Access Token Change Is Affecting JWT Apps?

bmartin · February 9, 2023, 10:07am

I saw this today https://devsupport.zoom.us/hc/en-us/articles/12363164278669-API-access-token-change and it says

I use a JWT app. Does this affect me?

Yes. The JWT app type (which is being deprecated) generates an access token that is consumed by the Zoom API. This access token must be sent as part of the Authorization Request header as well.

I am using the JWT app but I am the above is misleading, the Zoom JWT app uses a JWT token not an access token. I am generating the JWT token using the API Key and API Secret, and then sending as

{"Authorization", "Bearer #{jwt_token}"}, {"Content-Type", "application/json"}

In the header of each request.

I am not sure what other changes will I need to make before the 24th of February 2023.

MultiplayerSession · February 9, 2023, 3:32pm

Looks like you’re already sending the token in the HTTP Authorization header, not as part of the URL query string, so you’re all set. This is about keeping authentication tokens out of URLs, which have a tendency to be stored unencrypted in log files by various servers.

system · February 13, 2024, 7:09am

This topic was automatically closed 368 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Migration from JWT App API and Webhooks	3	505	March 13, 2024
Don't call my app a "JWT app" please API and Webhooks	1	190	September 19, 2023
JWT Application End-of-Life Users and Groups	1	209	July 13, 2023
JWT apps to be deprecated in favor of Server-to-Server OAuth Authentication	46	8585	April 25, 2023
[Security Update] No token values in URL query parameters API and Webhooks	63	3610	February 26, 2024

Why Access Token Change Is Affecting JWT Apps?

I use a JWT app. Does this affect me?

Related Topics