Authorization

The Zoom Video SDKs use a Video SDK key and secret to generate a Video SDK JWT for authorized use of the Video SDK.

Video SDK sessions can be started and joined with your Video SDK JWT.

1. Get Video SDK key and secret

To get a Video SDK key and secret, go to the Zoom App Marketplace and sign in with your Video SDK account. If you do not have a Video SDK account yet, you can create one.

Click Develop and choose Build App. On the Video SDK app type, click Create.

After completing the Video SDK App setup, go to App Credentials where you will find your Video SDK key and secret.

Now that you have a Video SDK key and secret you are ready to generate a Video SDK JWT.

2. Generate the Video SDK JWT

Each request to start and join a Video SDK session must be authorized by an encrypted Video SDK JSON Web Token (JWT). A Video SDK JWT must be generated each time you start and join a Video SDK session through a backend (server-side) function where your Video SDK credentials can be stored securely.

To quickly, easily, and securely generate a JWT for the Video SDKs, checkout the Signature Sample App.

JWTs are generated with three core parts: Header, Payload, and Signature. When combined, these parts are separated by a period to form a token: 1111111.2222222.3333333.

Header:

The Header includes the specification of the signing algorithm and the type of token.

Key	Value
`alg`	`HS256`
`typ`	`JWT`

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload:

The payload of a JWT contains the claims of the token, or the pieces of information being passed about the user and any metadata required.

Key	Value Description
`app_key`	Your Video SDK key. Required.
`tpc`	The Video SDK session name. Max length 200 characters. Required. Can include alphanumeric characters, space, and symbols: `!`, `#`, `$`, `%`, `&`, `(`, `)`, `+`, `-`, `:`, `;`, `<`, `=`, `.`, `>`, `?`, `@`, `[`, `]`, `^`, `_`, `{`, `}`, `\|`, `~`, `,`.
`version`	Should be set to `1`.
`role_type`	The user role. Required. Values: `0` to specify participant, `1` to specify host or co-host. Participants can join before the host.
`user_identity`	Optional, an identifier you can provide to identify your users. This value will show up in the Video SDK APIs and Dashboard as `user_key`. Max length 36 characters.
`session_key`	A key you can provide to identify your session. This value will show up in the Video SDK APIs and Video SDK Dashboard. This value is optional unless it was set with the host. If set with the host, all attendees must provide the same `session_key` value or they will fail to join the session. Max length 36 characters.
`geo_regions`	The data center connection preference for the user joining the session. The data center/s you specify must also be enabled on your account. Comma seperated string of the following supported geo regions `US`, `AU`,`CA`,`IN`,`CN`,`BR`,`MX`,`HK`,`SG`,`JP`,`DE`,`NL`. Abreviation reference here. Optional.
`iat`	The current timestamp. Required.
`exp`	JWT expiration date. Required. Values: Min = 1800 seconds greater than `iat` value, max = 48 hours greater than `iat` value. In epoch format.
`pwd`	Optional, the password of the session that the user is going to create or join. Max length 10 characters.

{
  "app_key": VIDEO_SDK_KEY,
  "tpc": SESSION_NAME,
  "version": 1,
  "role_type": ROLE,
  "user_identity": USER_IDENTITY,
  "session_key": SESSION_KEY,
  "geo_regions": "US,AU,CA,IN,CN,BR,MX,HK,SG,JP,DE,NL",
  "iat": 1646937553,
  "exp": 1646944753,
  "pwd": 12345
}

Signature:

To create a signature for the JWT, the header and payload must be encoded with the Video SDK secret through an HMAC SHA256 algorithm.

Value	Value Description
`ZOOM_VIDEO_SDK_SECRET`	Required, your Video SDK secret.

HMACSHA256(
  base64UrlEncode(header) + '.' + base64UrlEncode(payload),
  ZOOM_VIDEO_SDK_SECRET
);

Example Video SDK JWT:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBfa2V5IjoiVklERU9fU0RLX0tFWSIsImlhdCI6MTY0NjI0ODc5NiwiZXhwIjoxNjQ2MjU1OTk2LCJ0cGMiOiJDb29sIENhcnMiLCJ1c2VyX2lkZW50aXR5IjoidXNlcjEyMyIsInNlc3Npb25fa2V5Ijoic2Vzc2lvbjEyMyIsInJvbGVfdHlwZSI6MH0.Y6C65mZUxTZFeGiOI6oW5q2UkIXe3nLTK0MVNkfiJ9c

Node.js generate Video SDK JWT function

In the sample Node.js generate signature function below, we use jsrsasign, an open source cryptographic JavaScript library.

const KJUR = require('jsrsasign')
// https://www.npmjs.com/package/jsrsasign
function generateSignature(sdkKey, sdkSecret, sessionName, role, sessionKey, userIdentity) {

  const iat = Math.round((new Date().getTime() - 30000) / 1000)
  const exp = iat + 60 * 60 * 2
  const oHeader = { alg: 'HS256', typ: 'JWT' }

  const oPayload = {
    app_key: sdkKey,
    tpc: sessionName,
    role_type: role,
    session_key: sessionKey,
    user_identity: userIdentity,
    version: 1,
    iat: iat,
    exp: exp
  }

  const sHeader = JSON.stringify(oHeader)
  const sPayload = JSON.stringify(oPayload)
  const sdkJWT = KJUR.jws.JWS.sign('HS256', sHeader, sPayload, sdkSecret)
  return sdkJWT
}

console.log(generateSignature(process.env.ZOOM_VIDEO_SDK_KEY, process.env.ZOOM_VIDEO_SDK_SECRET, 'Cool Cars', 1, 'session123', 'user123'))

For additional JWT libraries and examples in more languages, see JWT.io.

You are now ready to start and join Video SDK sessions.

3. Pass the Video SDK JWT to the join function

Now that you have a Video SDK JWT token you can use it to start and join Video SDK sessions.

val params = ZoomVideoSDKSessionContext()
params.sessionName = "My session name"
params.userName = "My Name"
params.sessionPassword = "My session passcode"
params.token = "" // Pass in your Video SDK JWT
val session = ZoomVideoSDK.getInstance().joinSession(params)

let sessionContext = ZoomVideoSDKSessionContext()
sessionContext.sessionName = "My session name"
sessionContext.userName = "My name"
sessionContext.sessionPassword = "My session passcode"
sessionContext.token = "" // Pass in your Video SDK JWT
ZoomVideoSDK.shareInstance()?.joinSession(sessionContext)

let sessionContext = ZMVideoSDKSessionContext()
sessionContext.sessionName = "My session name"
sessionContext.userName = "My name"
sessionContext.sessionPassword = "My session passcode"
sessionContext.token = "" // Pass in your Video SDK JWT
ZMVideoSDK.shared()?.joinSession(sessionContext)

await zoom.joinSession({
  sessionName: 'My session name',
  userName: 'My name',
  sessionPassword: 'My session passcode'
  token: '', // Pass in your Video SDK JWT
  audioOptions: {
    connect: true,
    mute: false,
  },
  videoOptions: {
    localVideoOn: true,
  },
  videoOptions: {
    localVideoOn: true,
  },
});

client.join(topic, token, userName, password).then(() => {
  stream = client.getMediaStream()
}).catch((error) => {
  console.log(error)
})

ZoomVideoSDKSessionContext sessionContext;
sessionContext.sessionName = L"My session name";
sessionContext.userName = L"My name";
sessionContext.sessionPassword = L"My session passcode";
sessionContext.token = L""; // Pass in your Video SDK JWT
IZoomVideoSDKSession* pSession = m_pVideoSDK->joinSession(sessionContext);

See the platform-specific Video SDK documentation for more instructions on how to provide the Video SDK JWT token to the Video SDK.

You are now ready to pick a platform and to start and join Video SDK sessions.

Next Steps

Android iOS macOS React Native Web Windows

Need help?