Zoom Webinar info security breach

We are using the Web SDK to perform join in the Webinar in our FrontEnd application.

We have the BackEnd application responsible to generate the signature as you all recommend in the docs.

Our concern is about the requirement of the SDK need the meeting number, meeting password and the API Key placed in the FrontEnd application to perform the Join.

We have all the Webinar meeting information stored in the BackEnd application to generate the signature (Meeting Number and Password)

The main question is:

Is there any way to don’t expose the Meeting Number / Meeting Password in the SDK, since we already have one of it in the Signature?

Let me know if you all need more info on this.


Which version?

Hey @rpelisson,

We will consider changing how the meetingID and passcode is passed into the frontend.

That being said, you don’t have to hardcode it, you can set it as a variable, or pass it in through an input, which would allow the user to type in the meeting number and passcode.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.