Hi,
Regarding the documentation of Android SDK here https://marketplace.zoom.us/docs/sdk/native-sdks/android/build-your-first-zoom-app/join-meeting
You have to initialize the SDK by doing
ZoomSDK zoomSDK = ZoomSDK.getInstance();
if(savedInstanceState == null) {
zoomSDK.initialize(this, APP_KEY, APP_SECRET, WEB_DOMAIN, this);
}
So, do I have to set the APP_KEY and APP_SECRET on the client app? That’s not secure at all.
There is a comment on this link https://marketplace.zoom.us/docs/sdk/native-sdks/android/build-your-first-zoom-app/preparation
Please be aware that all hard-coded variables and constants
* shown in the documentation and in the demo, such as Zoom Token,
* Zoom Access, Token, etc., are ONLY FOR DEMO AND TESTING PURPOSES.
* We STRONGLY DISCOURAGE the way of HARDCODING any Zoom Credentials
* (username, password, API Keys & secrets, SDK keys & secrets, etc.)
* or any Personal Identifiable Information (PII) inside your application.
* WE DON’T MAKE ANY COMMITMENTS ABOUT ANY LOSS CAUSED BY HARD-CODING CREDENTIALS
* OR SENSITIVE INFORMATION INSIDE YOUR APP WHEN DEVELOPING WITH OUR SDK.
Right, so I must not use hardcoding constants. How should I initialize the SDK on the Android App without hardcoding the credentials on the client?
Can I generate a JWT Token to Join the call for Android? Reading here https://marketplace.zoom.us/docs/sdk/native-sdks/android/mastering-zoom-sdk/sdk-initialization.
It says
Authenticate using JWT
As of Android SDK version 4.4.57220.1211, the iOS SDK can be initialized using JWT for added security, convenience and versatility.
Why do you refer to iOS in that section that is meant Android, I don’t quite get if the Android SDK can use JWT or not.
At the bottom section of the link shows
ZoomSDK sdk = ZoomSDK.getInstance();
sdk.initialize(context, APP_KEY, APP_SECRET, (ZoomSDKInitializeListener)this);
The parameters in the function (from first to last):
Parameter | Definition |
---|---|
Context | Android context |
appKey | Your SDK key |
appSecret | Your SDK secret |
listener | Listener for initialize result |
No JWT token parameter here, so I must assume that you can’t use JWT token, am I right?
Going back to the original question… How can I initialize the SDK on the client app without harcoding the keys?
Thanks