Skip to content

Zoom API JWT Keys

Service Name: Zoom Video Communications

Service Description: Zoom is a cloud-based video conferencing service that offers meetings, chat, phone, webinars, and an app marketplace. It allows users to host and participate in video meetings with features like screen sharing, recording, and chat.

Service Address: https://zoom.us/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through Zoom's security settings.

Secret Access Scope: Grants programmatic access to Zoom's API endpoints for managing meetings, users, accounts, and other Zoom resources.

Secret Revokement URL: https://marketplace.zoom.us/user/build

Secret Example: eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJfX0FQSV9LRVlfXyIsImV4cCI6MTY0MDk5NTIwMH0.aBcDeFgHiJkLmNoPqRsTuVwXyZ

Suspicious Activity Investigation Instructions:

  • Review Zoom dashboard for unusual account activity or unauthorized meetings.
  • Check API usage logs for unexpected API calls or access patterns.
  • Monitor for unauthorized user additions or role changes within your Zoom organization.
  • Review meeting recordings or webinars that may have been created without authorization.
  • Check for any changes to account settings or security configurations.

Mitigation Instructions:

  • Log in to the Zoom Developer Dashboard at https://marketplace.zoom.us/
  • Navigate to the "Developed Apps" section.
  • Select the app associated with the compromised JWT.
  • Click on "App Credentials" and regenerate the API Key and Secret.
  • Update the JWT in all legitimate applications using the new credentials.
  • Review and update any IP restrictions or other security settings.
  • Consider implementing additional security measures like OAuth for more granular access control.
  • Audit all recent API activities to identify and address any unauthorized actions.