SDK Authorization
The Zoom Video SDKs use a Video SDK Key and Secret to generate an SDK JWT for authorized use of the Video SDK.
Video SDK Sessions can be started and joined with your Video SDK JWT.
On This Page
Get Video SDK Key and Secret
To get a Video SDK Key and Secret, go to the Zoom App Marketplace and sign in with your Video SDK account. If you do not have a Video SDK account yet, you can create one.
Click Develop and choose Build App. On the Video SDK app type, click Create.
After completing the Video SDK App setup, go to App Credentials where you will find your Video SDK Key and Secret.
Now that you have a Video SDK Key and Secret you are ready to generate a Video SDK JWT.
Generate the Video SDK JWT
Each request to start and join a Video SDK Session must be authorized by an encrypted Video SDK JSON Web Token (JWT). A Video SDK JWT must be generated each time you start and join a Video SDK Session through a backend (server-side) function where your Video SDK credentials can be stored securely.
JWTs are generated with three core parts: Header, Payload, and Signature. When combined, these parts are separated by a period to form a token: 1111111.2222222.3333333.
Header:
The Header includes the specification of the signing algorithm and the type of token.
| Key | Value |
|---|---|
alg | HS256 |
typ | JWT |
{"alg": "HS256","typ": "JWT"}
Payload:
The payload of a JWT contains the claims of the token, or the pieces of information being passed about the user and any metadata required.
| Key | Value Description |
|---|---|
app_key | Your Video SDK Key. Required. |
tpc | The Video SDK Session name. Max 200 characters. Required. Can include alphanumeric characters, space, and symbols: !, #, $, %, &, (, ), +, -, :, ;, <, =, ., >, ?, @, [, ], ^, _, {, }, |, ~, ,. |
version | Should be set to 1. |
role_type | The user role. Required. Values: 0 to specify participant, 1 to specify host. |
user_identity | Optional, an identifier you can provide to identify your users. This value will show up in the Video SDK APIs and Dashboard. Max length 15 characters. |
session_key | A key you can provide to identify your session. This value will show up in the Video SDK APIs and Video SDK Dashboard. This value is optional unless it was set with the host. If set with the host, all attendees much provide the same session_key value or they will fail to join the session. |
iat | The current timestamp. Required. |
exp | JWT expiration date. Required. Values: Min = 1800 seconds greater than iat value, max = 48 hours greater than iat value. In epoch format. |
pwd | Optional, the password of the session that the user is going to create or join. Supports a maximum of 10 characters. |
{"app_key": VIDEO_SDK_KEY,"tpc": SESSION_NAME,"version": 1,"role_type": ROLE,"user_identity": USER_IDENTITY,"session_key": SESSION_KEY,"iat": 1646937553,"exp": 1646944753,"pwd": 12345}
Signature:
To create a signature for the JWT, the header and payload must be encoded with the Video SDK Secret through an HMAC SHA256 algorithm.
| Value | Value Description |
|---|---|
VIDEO_SDK_SECRET | Required, your Video SDK Secret. |
HMACSHA256(base64UrlEncode(header) + '.' + base64UrlEncode(payload),VIDEO_SDK_SECRET);
Example Video SDK JWT:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBfa2V5IjoiVklERU9fU0RLX0tFWSIsImlhdCI6MTY0NjI0ODc5NiwiZXhwIjoxNjQ2MjU1OTk2LCJ0cGMiOiJDb29sIENhcnMiLCJ1c2VyX2lkZW50aXR5IjoidXNlcjEyMyIsInNlc3Npb25fa2V5Ijoic2Vzc2lvbjEyMyIsInJvbGVfdHlwZSI6MH0.Y6C65mZUxTZFeGiOI6oW5q2UkIXe3nLTK0MVNkfiJ9c
Node.js generate Video SDK JWT function
In the sample Node.js generate signature function below, we use jsrsasign, an open source cryptographic JavaScript library.
const KJUR = require('jsrsasign')// https://www.npmjs.com/package/jsrsasignfunction generateSignature(sdkKey, sdkSecret, sessionName, role, sessionKey, userIdentity) {const iat = Math.round((new Date().getTime() - 30000) / 1000)const exp = iat + 60 * 60 * 2const oHeader = { alg: 'HS256', typ: 'JWT' }const oPayload = {app_key: sdkKey,tpc: sessionName,role_type: role,session_key: sessionKey,user_identity: userIdentity,iat: iat,exp: exp}const sHeader = JSON.stringify(oHeader)const sPayload = JSON.stringify(oPayload)const sdkJWT = KJUR.jws.JWS.sign('HS256', sHeader, sPayload, sdkSecret)return sdkJWT}console.log(generateSignature(process.env.ZOOM_VIDEO_SDK_KEY, process.env.ZOOM_VIDEO_SDK_SECRET, 'Cool Cars', 1, 'session123', 'user123'))
For additional JWT libraries and examples in more languages, see JWT.io.
You are now ready to start and join Video SDK Sessions.
Need help?
If you're looking for help, try Developer Support or our Developer Forum. Priority support is also available with Premier Developer Support plans.