Top of pageSkip to main content

Authorization


The Zoom Video SDKs use a Video SDK key and secret to generate a Video SDK JWT for authorized use of the Video SDK.

Video SDK sessions can be started and joined with your Video SDK JWT.

On This Page

Follow these steps to get your Video SDK key and secret, generate the Video SDK JWT, and pass the Video SDK JWT to the join function.

1. Get Video SDK key and secret

To get a Video SDK key and secret, go to the Zoom App Marketplace and sign in with your Video SDK account. If you do not have a Video SDK account yet, you can create one.

Click Develop and choose Build App. On the Video SDK app type, click Create.

After completing the Video SDK App setup, go to App Credentials where you will find your Video SDK key and secret.

Now that you have a Video SDK key and secret you are ready to generate a Video SDK JWT.

2. Generate the Video SDK JWT

Each request to start and join a Video SDK session must be authorized by an encrypted Video SDK JSON Web Token (JWT). A Video SDK JWT must be generated each time you start and join a Video SDK session through a backend (server-side) function where your Video SDK credentials can be stored securely.

JWTs are generated with three core parts: Header, Payload, and Signature. When combined, these parts are separated by a period to form a token: 1111111.2222222.3333333.

Header:

The Header includes the specification of the signing algorithm and the type of token.

KeyValue
algHS256
typJWT
{
  "alg": "HS256",
  "typ": "JWT"
}

Payload:

The payload of a JWT contains the claims of the token, or the pieces of information being passed about the user and any metadata required.

KeyValue Description
app_keyYour Video SDK key. Required.
tpcThe Video SDK session name. Max length 200 characters. Required. Can include alphanumeric characters, space, and symbols: !, #, $, %, &, (, ), +, -, :, ;, <, =, ., >, ?, @, [, ], ^, _, {, }, |, ~, ,.
versionShould be set to 1.
role_typeThe user role. Required. Values: 0 to specify participant, 1 to specify host or co-host. Participants can join before the host.
user_identityOptional, an identifier you can provide to identify your users. This value will show up in the Video SDK APIs and Dashboard as user_key. Max length 36 characters.
session_keyA key you can provide to identify your session. This value will show up in the Video SDK APIs and Video SDK Dashboard. This value is optional unless it was set with the host. If set with the host, all attendees must provide the same session_key value or they will fail to join the session. Max length 36 characters.
geo_regionsThe data center connection preference for the user joining the session. The data center/s you specify must also be enabled on your account. Comma seperated string of the following supported geo regions US, AU,CA,IN,CN,BR,MX,HK,SG,JP,DE,NL. Abreviation reference here. Optional.
iatThe current timestamp. Required.
expJWT expiration date. Required. Values: Min = 1800 seconds greater than iat value, max = 48 hours greater than iat value. In epoch format.
pwdOptional, the password of the session that the user is going to create or join. Max length 10 characters.
{
  "app_key": VIDEO_SDK_KEY,
  "tpc": SESSION_NAME,
  "version": 1,
  "role_type": ROLE,
  "user_identity": USER_IDENTITY,
  "session_key": SESSION_KEY,
  "geo_regions": "US,AU,CA,IN,CN,BR,MX,HK,SG,JP,DE,NL",
  "iat": 1646937553,
  "exp": 1646944753,
  "pwd": 12345
}

Signature:

To create a signature for the JWT, the header and payload must be encoded with the Video SDK secret through an HMAC SHA256 algorithm.

ValueValue Description
ZOOM_VIDEO_SDK_SECRETRequired, your Video SDK secret.
HMACSHA256(
  base64UrlEncode(header) + '.' + base64UrlEncode(payload),
  ZOOM_VIDEO_SDK_SECRET
);

Example Video SDK JWT:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBfa2V5IjoiVklERU9fU0RLX0tFWSIsImlhdCI6MTY0NjI0ODc5NiwiZXhwIjoxNjQ2MjU1OTk2LCJ0cGMiOiJDb29sIENhcnMiLCJ1c2VyX2lkZW50aXR5IjoidXNlcjEyMyIsInNlc3Npb25fa2V5Ijoic2Vzc2lvbjEyMyIsInJvbGVfdHlwZSI6MH0.Y6C65mZUxTZFeGiOI6oW5q2UkIXe3nLTK0MVNkfiJ9c

Node.js generate Video SDK JWT function

In the sample Node.js generate signature function below, we use jsrsasign, an open source cryptographic JavaScript library.

const KJUR = require('jsrsasign')
// https://www.npmjs.com/package/jsrsasign
function generateSignature(sdkKey, sdkSecret, sessionName, role, sessionKey, userIdentity) {

  const iat = Math.round((new Date().getTime() - 30000) / 1000)
  const exp = iat + 60 * 60 * 2
  const oHeader = { alg: 'HS256', typ: 'JWT' }

  const oPayload = {
    app_key: sdkKey,
    tpc: sessionName,
    role_type: role,
    session_key: sessionKey,
    user_identity: userIdentity,
    version: 1,
    iat: iat,
    exp: exp
  }

  const sHeader = JSON.stringify(oHeader)
  const sPayload = JSON.stringify(oPayload)
  const sdkJWT = KJUR.jws.JWS.sign('HS256', sHeader, sPayload, sdkSecret)
  return sdkJWT
}

console.log(generateSignature(process.env.ZOOM_VIDEO_SDK_KEY, process.env.ZOOM_VIDEO_SDK_SECRET, 'Cool Cars', 1, 'session123', 'user123'))

You are now ready to start and join Video SDK sessions.

3. Pass the Video SDK JWT to the join function

Now that you have a Video SDK JWT token you can use it to start and join Video SDK sessions.

val params = ZoomVideoSDKSessionContext()
params.sessionName = "My session name"
params.userName = "My Name"
params.sessionPassword = "My session passcode"
params.token = "" // Pass in your Video SDK JWT
val session = ZoomVideoSDK.getInstance().joinSession(params)
let sessionContext = ZoomVideoSDKSessionContext()
sessionContext.sessionName = "My session name"
sessionContext.userName = "My name"
sessionContext.sessionPassword = "My session passcode"
sessionContext.token = "" // Pass in your Video SDK JWT
ZoomVideoSDK.shareInstance()?.joinSession(sessionContext)
let sessionContext = ZMVideoSDKSessionContext()
sessionContext.sessionName = "My session name"
sessionContext.userName = "My name"
sessionContext.sessionPassword = "My session passcode"
sessionContext.token = "" // Pass in your Video SDK JWT
ZMVideoSDK.shared()?.joinSession(sessionContext)
await zoom.joinSession({
  sessionName: 'My session name',
  userName: 'My name',
  sessionPassword: 'My session passcode'
  token: '', // Pass in your Video SDK JWT
  audioOptions: {
    connect: true,
    mute: false,
  },
  videoOptions: {
    localVideoOn: true,
  },
  videoOptions: {
    localVideoOn: true,
  },
});
client.join(topic, token, userName, password).then(() => {
  stream = client.getMediaStream()
}).catch((error) => {
  console.log(error)
})
ZoomVideoSDKSessionContext sessionContext;
sessionContext.sessionName = L"My session name";
sessionContext.userName = L"My name";
sessionContext.sessionPassword = L"My session passcode";
sessionContext.token = L""; // Pass in your Video SDK JWT
IZoomVideoSDKSession* pSession = m_pVideoSDK->joinSession(sessionContext);

See the platform-specific Video SDK documentation for more instructions on how to provide the Video SDK JWT token to the Video SDK.

You are now ready to pick a platform and to start and join Video SDK sessions.

Need help?

If you're looking for help, try Developer Support or our Developer Forum. Priority support is also available with Premier Developer Support plans.