Allowing room creation only from jitsi external API

Hi all,

First, Thank you so much for all the amazing work you do.

Second, we deployed jitsi meet on our own server, let’s say jitsi.school.com and we want it to be accessible only from a php page called startroom.php using the jitsi API.
The problem is that If someone type directly jitsi.school.com into the browser, they still can access it and create room. if we use posody to prevent this, everytime someone start a room from startroom.php, they will be asked for posody authentification which is not what we want.

is there annway that we can create rooms only requested by the external API.

Thank you so much.

Hello @tooby15,

Search for JWT. This is thing what you want

Thank you @emrah, I will check it out :relaxed: