Allow Jitsi-meet to be accessible from iframe on specific domain only

I’ve set up a jitsi-meet server (Apache2).

I have another web application where employees of our organisation are registered. I want only them to use my server resources. So, I used iFrame in that web application for jitsi-meet as described at https://github.com/jitsi/jitsi-meet/blob/master/doc/api.md

By default, Jitsi-Meet allows anyone to start a new meeting by accessing the domain root.

Is it possible to restrict access to jitsi-meet only from the iframe on specific domain? Not even accessible by directly visiting the installation domain?

@Milind_Sharma Did you get any solution on this?

1 Like

@abridgetool Not yet

1 Like

Since you have already an authentication system, Jitsi with JWT authentication should work

Hi. I found al alternative solution to do this. You have to edit this file “/usr/share/jitsi-meet/index.html” and add this code after the first script tag

if ( window.location !== window.parent.location )
{
console.log(“Inside an iframe. OK!”);
}else{
window.location.href=“url if is not inside an iframe”;
}
if(getParentUrl()!=“https://allowdomain.com/”){
window.location.href=“url if not allow”;
}
function getParentUrl() {
var isInIframe = (parent !== window),
parentUrl = null;
if (isInIframe) {
parentUrl = document.referrer;
}
return parentUrl;
}

using domain referrer.