Authenticating with JWT on custom domain

Hello community

I’m trying to get JWT authentication working and am half-way successful. What I’m currently having issues with is that we set the sub attribute to a custom domain when creating the token and I can’t figure out how to configure jicofo to accept this value.

The default value for the sub is meet.jitsi but in our case, it’s ourdomain.tld.com. I can successfully authenticate with the default sub but not with our custom domain. I have tried playing around with all different kind of settings (XMPP_DOMAIN for example) but with no success.

Does anyone have a working setup with a custom domain so we could compare configs?
As a side-note, we’re running a dockerized instance of jitsi-meet and use the env-vars for configuration.

Many thanks in advance for any help, much appreciated.

The Docker setup uses the fake meet.jitsi domain for the XMPP communication, since it’s all done in the internal network. Why do you need to specify the sub matching your real domain?

Thanks for your feedback @saghul :raised_hands:

We have an already productive webservice (separate of jitsi) that generates the JWT consumed by jitsi. This webservice adds a different sub attribute than what jitsi expects as default (meet.jitsi)

I thought there might be an easy way to configure jitsi to meet our current JWT requirement but we’ll now stick with the default as recommended by you also and roll-out an update of our webservice. Thanks :slight_smile:

1 Like