Zoom Rooms 'Join' API doesn't work with many meeting passwords

tom.usher · May 14, 2020, 9:25am

Description
We use the Zoom Rooms ‘Join’ API to make rooms join meetings on-demand.

This endpoint has the restriction that “Password may only contain the following characters: [a-z A-Z 0-9 @ – _ *]. Max of 10 characters.”.

However, recent Zoom security changes have increased the security of auto-generated passwords so they include characters outside of this allowed set of characters (?, #, etc.).

This means we can’t use this API endpoint for many Zoom meetings.

Error
On triggering the API with a password containing ‘invalid’ characters:

{'jsonrpc': '2.0', 'error': {'code': 32602, 'message': 'Validation Failed.', 'data': [{'field': 'params.password', 'message': 'Invalid field.'}]}}

Which Endpoint/s?

tommy · May 19, 2020, 6:40pm

Hey @tom.usher,

Thanks for sharing this. Our engineering team is investigating. I will get back to you with updates. (ZOOM-162547)

Thanks,
Tommy

tommy · May 20, 2020, 6:06pm

Hey @tom.usher,

We updated our docs to include the new password requirements:

Make sure the password you are setting aligns with your password strength requirements in your settings.

Thanks,
Tommy

tom.usher · May 21, 2020, 9:12am

Thanks for looking in to this and updating the documentation so promptly.

However, this doesn’t seem to align with what we’re currently seeing:

Meetings that are created with ‘Free’ accounts do not have the option to set minimum password requirements
There are no minimum password requirements set on the account that owns the Zoom Rooms
Meetings that are generated using the ‘New Meeting’ button, or via the Slack integration get generated with passwords that aren’t compatible (e.g w46!(i{74n)

So in summary:

A user with a free account creates a meeting, a password like w46!(i{74n might be generated.
Attempting to make the room join the meeting using this password results in an error
There are no minimum password requirements set on either account

tommy · May 27, 2020, 9:54pm

Hey @tom.usher,

Gotcha, thanks we will look into this further.

-Tommy

tommy · June 4, 2020, 5:42am

Hey @tom.usher,

I need some additional details.

What is the exact error message you are seeing, and what is your account #?

Thanks,
Tommy

tom.usher · June 4, 2020, 9:26am

No problem.

The account which ‘owns’ the Zoom Rooms is 442755. We created an unpublished app in the marketplace called ‘Zoom Room Joiner’ associated with this account, which is being used to join calls.

The host of a call can be any other Zoom account, we have tried with multiple.

The exact error is, when POSTing

{
  "jsonrpc": "2.0",
  "method": "join",
  "params": {
    "meeting_number": "{any given meeting number with spaces/dashes removed}",
    "password": "{password containing invalid characters}",
    "force_accept": false,
  }
}

to https://api.zoom.us/v2/rooms/{roomId}/meetings where roomId is the value of an ID returned from https://api.zoom.us/v2/rooms.

The error is:

{'jsonrpc': '2.0', 'error': {'code': 32602, 'message': 'Validation Failed.', 'data': [{'field': 'params.password', 'message': 'Invalid field.'}]}}