ZoomMtg.join() returns “The signature has expired.” help me please

Hi I’m integrate Zoom in my website, reading other answeres for this topic, I put a break point in my console in ZoomMtg.join and wait 5 seconds, this work for me but how can I do for put the setTime out in my code? I made how Michael_Purnell said

Hi @magh92,

We have received your request and will update you shortly.


Thanks for answere, I hope you can help me

Someone can help me to solve this problem please? I need do the integration

Hi Michael Purnell,

I am also getting the below error :
{method: “join”, status: false, errorCode: 1, errorMessage: “The signature has expired.”, result: null}

I am using Jquery also passing the correct signature still it’s give me above error.

Manoj Sarode.

Hey @manoj.sarode and @magh92,

I am working on reproducing this error and will get back to you with an update.


Hey @manoj.sarode and @magh92

Can I get more details on how to reproduce this error? I had no trouble getting this to work.
What type of computer and OS and browser are you getting this error message on?

Possible related solution?

Hi Tommy,

Thank you for quick reply !

Here are the required the details :

OS : Windows 10
bit : (64-bit)
JDK : jdk-10.0.2
Browser : Chrome ( Version 75.0.3770.100 (Official Build))
Browser : IE (Version : 11.557.177663.0)

We are generating the signature and initiating the zoom meeting by code provided in https://marketplace.zoom.us/docs/sdk/native-sdks/Web-Client-SDK/tutorial/generate-signature URL.

For one colleague user, it is working fine on his system. However it is not working for rest of other users. We have checked ALL required configuration parameters like Java version, source files, Jquery version, OS version, browser version, etc, same configuration is present for me and other users as well.

We have also added the 5 sec delay using setTimeOut() function but no luck.

Kindly suggest in case of I am missing anything in order to run the zoom meeting application and let me know in case of more details required…

Manoj Sarode.

Of course, I’m using windows 8.1 and Google chrome Versión 75.0.3770.100 (Build oficial) (64 bits)

Thank you both for this info, I am testing on each respective environment now.

Quick question, are you using JWT App Type API credentials or SDK App Type API credentials?

I´m using JWT App Type API credentials

Thanks, @magh92 I was able to reproduce using the same versions of Windows and Chrome as you.

I am working on a solution now.

1 Like

Oddly enough, it started working for me with no code changes.

Are you both still experiencing the issue?

Yeii now works for me too, thank you so much for help me

1 Like

You are welcome!

Feel free to reach out again if any issues arise!


Hi Tommy,

I am using jsonwebtoken i.e. JWT API type of credentials. I am still getting the above error. Earlier I was thinking that it is because of time which is required to generate the signature causing the problem. As signature creation part is in Java file and we are initiating the meeting using JS / JSP file by calling the Init / Join method using the same signature. We tried to pass the current time so that there is no problem with time but still it is giving me same error. I believe that there might be something missing in terms of any kind of configuration OR it might be possible that the code provided on above URL is works fine for some time, sometimes not, not sure.

I would like to know that What does mean it ‘The Signature has expired’, I mean in which condition it comes ?.

Can you suggest what needs to be done to resolve this issue ?

Manoj Sarode.

Hi Tommy,

I have one question, for the above error, is timezone / timestamp matters for generating the signature?

Let me share you today’s experience with you.

While doing the analysis, we have compared the time present on mine system VS time present on the colleague system where this application is running fine. There was difference of 7 mins. Mine system is 7 mins ahead as compare to the other one.

We did many R&D changes to calculate the signature. Later on we had minuses the 7 mins (converting to millisecond) from the current system time while generating the signature and ran the code. It was started working properly.

Now, considering the above scenario, I have below questions :

1] How we can identify whether the particular signature is valid for certain time ? OR Expiry logic ?
2] Is there any time conversion / Offset is required to generate the signature ?
3] How signature gets validated on zoom server, I mean what kind of parameter consider while checking the signature in order to run the zoom meeeting ?

Kindly waiting for valuable inputs.

Please Note : While doing the testing on same code, we extra error i.e. “3005 - clear attendees”. These was often occurred. For your reference, I have provided you the below image.

Manoj Sarode.

Hey @manoj.sarode,

Can you share the code you use to generate the signature? (don’t include any API creds)


Hi Tommy / Zoom Team,

Please find the below code. As I had said in trail mail, this code we have taken from below URL. The difference is only the time difference calculation :

https://marketplace.zoom.us/docs/sdk/native-sdks/Web-Client-SDK/tutorial/generate-signature -> JAVA tab / section code

**Method which is generating the Signature : **

public String generateSignature(String asApiKey, String asApiSecret, String asMeetingNumber, Integer aIRole)
			Mac hasher = Mac.getInstance("HmacSHA256");
			int liMin	= 10;
			long llOffsetMinMs = (long)liMin*60*1000;
			long llCurrentTimeMs = System.currentTimeMillis();
			llCurrentTimeMs = llCurrentTimeMs - llOffsetMinMs;
			String lsCurrentTimeInMilliseconds = Long.toString(llCurrentTimeMs);

			String lsMsg = String.format("%s%s%s%d", asApiKey, asMeetingNumber, lsCurrentTimeInMilliseconds, aIRole);
			hasher.init(new SecretKeySpec(asApiSecret.getBytes(), "HmacSHA256"));

			String lsMessage = Base64.getEncoder().encodeToString(lsMsg.getBytes());
			byte[] hash = hasher.doFinal(lsMessage.getBytes());
			String lsHashBase64Str = DatatypeConverter.printBase64Binary(hash);
			String lsTmpStr = String.format("%s.%s.%s.%d.%s", asApiKey, asMeetingNumber, lsCurrentTimeInMilliseconds, aIRole, lsHashBase64Str);
			String lsEncodedString = Base64.getEncoder().encodeToString(lsTmpStr.getBytes());

			return lsEncodedString.replaceAll("\\=+$", "");
	  	catch (NoSuchAlgorithmException e) {}
	  	catch (InvalidKeyException e) {}
		return "";

Kindly let me know in case of more details require, we are waiting inputs for the concerns asked in last discussion.


Manoj Sarode.

Thanks @manoj.sarode,

To confirm you are no longer getting error: “The signature has expired.” because you are changing the time by 7 minutes.

Now you are getting new error: 3005 clear attendees?

Also I am working on getting your 3 questions answered.
1] How we can identify whether the particular signature is valid for certain time ? OR Expiry logic ?
2] Is there any time conversion / Offset is required to generate the signature ?
3] How signature gets validated on zoom server, I mean what kind of parameter consider while checking the signature in order to run the zoom meeeting ?

Thanks for your patience!

1 Like