Zoom Meeting SDK JWT Initialization Docs Are Misleading

The Zoom Meeting SDK Docs are misleading. They say you can initialize a Zoom Meeting SDK with a JWT token expiration of 1800 seconds, but that isn’t true because 1801 seconds works, but 1800 doesn’t.

Welcome, @will.wilkinson,

Thank you for posting in the Zoom Developer Forum. We appreciate you calling attention to the behavior you are seeing. It is my understanding the minimum tokenExp is 1800. Are you able to share the snippet of code you used to generate the MSDK JWT? This will helps diagnose what may be happening.

I’m using an Elixir server to generate the token. Here is the code that uses the elixir Guardian library to generate it:

defmodule MDWeb.TabletZoomSDKGuardian do
  use Guardian,
    otp_app: :member_doc_api,
    ttl: {1800, :second},
    allowed_algos: ["HS256"],
    secret_fetcher: MDWeb.Guardian.ZoomSDKSecretFetcher

  def subject_for_token(_resouce, _claims), do: {:ok, nil}

  def build_claims(%{"exp" => exp} = claims, _resouce, _),
    do: {:ok, Map.put(claims, "tokenExp", exp)}

  def resource_from_claims(_claims), do: nil

  def generate_token do
    sdk_key = Application.get_env(:member_doc_api, __MODULE__) |> Keyword.get(:sdk_key)

    encode_and_sign(nil, %{"appKey" => sdk_key})

And here is the claims for that token

   "appKey" => "our_sdk_key",
   "aud" => "",
   "exp" => 1675444300,
   "iat" => 1675442500,
   "iss" => "",
   "jti" => "35267934-9dc9-4eda-9c6a-a90ba0d4e608",
   "nbf" => 1675442499,
   "role" => 0,
   "sub" => nil,
   "tokenExp" => 1675444300,
   "typ" => "access"

It seems like the issue is that someone used a zoom_jwt_expiration_min > 1800 instead of zoom_jwt_expiration_min >= 1800


I am not familiar with Elixir but I think you make a great point that perhaps the zoom_jwt_expiration_min >= 1800 would be more accurate. I will share this feedback with our documentation team. Please also feel free to share your feedback here : Feedback - Zoom

Let me know if you have any additional questions or comments.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.