Skip to main content
__wf_reserved_inherit

Zoom API JWT

Description

General

  • Documentation: https://marketplace.zoom.us/docs/guides/build/jwt-app
  • Summary: Zoom is a video teleconferencing software. It can be used to set up chats, meetings, phones calls or webinars. It exposes various APIs to integrate applications with their product. JWT can be used for server-to-server interactions, they can be generated with an API key and secret or directly from the developer dashboard. This detector aims at catching the JWT itself.
  • IPs allowlist: This feature is not mentioned in the documentation.
  • Scopes: Every token has the same scopes. It can access information linked to the user who created the app.

Revoke the secret

To revoke a JWT, regenerate the API secret used to generate it. This can be done from the app dashboard under "App credentials".

Check for suspicious activity

This feature is not mentioned in the documentation.

Details for Zoom api jwt

  • Family: Api

  • Category: Messaging system

  • Company: Zoom

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 1.3

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - eyjhbgcioijiuzi1nij9\.eyjhdwqiom51bgwsimlzcyi6i

Examples

- text: |
    http.setRequestProperty("Authorization", "Bearer eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOm51bGwsImlzcyI6ImpmM0tFWFhvUnBxYTMxam92VERBd0EiLCJleHAiOjI4NDQ4MDE5NDAsImlhdCI6MTYyMzg3MTc5NX0.6WItA9SzXDFA4gaWftCPx2E94Xj6URS5eWuRXZgvAfY");
  token: eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOm51bGwsImlzcyI6ImpmM0tFWFhvUnBxYTMxam92VERBd0EiLCJleHAiOjI4NDQ4MDE5NDAsImlhdCI6MTYyMzg3MTc5NX0.6WItA9SzXDFA4gaWftCPx2E94Xj6URS5eWuRXZgvAfY

- text: |
    +JWT_TOKEN = eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOm51bGwsImlzcyI6ImpmM0tFWFhvUnBxYTMxam92VERBd0EiLCJleHAiOjI4NDQ4MDE5NDAsImlhdCI6MTYyMzg3MTc5NX0.6WItA9SzXDFA4gaWftCPx2E94Xj6URS5eWuRXZgvAfY
  token: eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOm51bGwsImlzcyI6ImpmM0tFWFhvUnBxYTMxam92VERBd0EiLCJleHAiOjI4NDQ4MDE5NDAsImlhdCI6MTYyMzg3MTc5NX0.6WItA9SzXDFA4gaWftCPx2E94Xj6URS5eWuRXZgvAfY

- text: |
    <data name="Authorization" xml:space="preserve">
      <value>eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOm51bGwsImlzcyI6ImpmM0tFWFhvUnBxYTMxam92VERBd0EiLCJleHAiOjI4NDQ4MDE5NDAsImlhdCI6MTYyMzg3MTc5NX0.6WItA9SzXDFA4gaWftCPx2E94Xj6URS5eWuRXZgvAfY</value>
      <comment>Token Bearer de acceso a Zoom</comment>
    </data>
  token: eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOm51bGwsImlzcyI6ImpmM0tFWFhvUnBxYTMxam92VERBd0EiLCJleHAiOjI4NDQ4MDE5NDAsImlhdCI6MTYyMzg3MTc5NX0.6WItA9SzXDFA4gaWftCPx2E94Xj6URS5eWuRXZgvAfY
__wf_reserved_inherit__wf_reserved_inherit

Something we didn’t cover?

__wf_reserved_inherit

See our Roadmap

__wf_reserved_inherit

Subscribe on GitHub

__wf_reserved_inherit

Submit a request

__wf_reserved_inherit

API status