Bad argument #1 to 'lower'


After I setup JWT I cant enter to the room from lobby

prosody logs:

c2s55a93a61fd40                                              error      Traceback[c2s]: /prosody-plugins/token/util.lib.lua:342: bad argument #1 to 'lower' (string expected, got nil)
        stack traceback:
        [C]: in function 'string.lower'
        /prosody-plugins/token/util.lib.lua:342: in method 'verify_room'
        /prosody-plugins/mod_token_verification.lua:62: in upvalue 'verify_user'
        /prosody-plugins/mod_token_verification.lua:86: in field '?'
        /usr/share/lua/5.4/prosody/util/events.lua:81: in function </usr/share/lua/5.4/prosody/util/events.lua:77>
        (...tail calls...)
        /usr/lib/prosody/modules/muc/muc.lib.lua:684: in function </usr/lib/prosody/modules/muc/muc.lib.lua:618>
        (...tail calls...)
        /usr/share/lua/5.4/prosody/util/events.lua:81: in function </usr/share/lua/5.4/prosody/util/events.lua:77>
        (...tail calls...)
        /usr/share/lua/5.4/prosody/core/stanza_router.lua:188: in upvalue 'core_post_stanza'
        /usr/share/lua/5.4/prosody/core/stanza_router.lua:128: in upvalue 'core_process_stanza'
        /usr/lib/prosody/modules/mod_c2s.lua:326: in upvalue 'func'
        /usr/share/lua/5.4/prosody/util/async.lua:144: in function </usr/share/lua/5.4/prosody/util/async.lua:142>               warn       A module has been configured that triggers external events.               warn       Implement this lib to trigger external events.
[root@dev_11-awa docker-jitsi-meet-stable-8138-1]#  Traceback[c2s]: /prosody-plugins/token/util.lib.lua:342: bad argument #1 to 'lower' (string expected, got nil)

docker containers:

82cb34e0f023   jitsi/jibri:stable-8138-1                                    "/init"                  30 minutes ago   Up 30 minutes                                                                                                                                                                                          docker-jitsi-meet-stable-8138-1_jibri_1
5e316f60a43f   jitsi/jvb:stable-8138-1                                      "/init"                  30 minutes ago   Up 30 minutes>8080/tcp,>10000/udp, :::10000->10000/udp                                                                                                                docker-jitsi-meet-stable-8138-1_jvb_1
563bcd2de823   jitsi/jicofo:stable-8138-1                                   "/init"                  30 minutes ago   Up 30 minutes                                                                                                                                                                                          docker-jitsi-meet-stable-8138-1_jicofo_1
294fbb1ef599   jitsi/web:stable-8138-1                                      "/init"                  30 minutes ago   Up 30 minutes>80/tcp, :::8000->80/tcp,>443/tcp, :::8443->443/tcp                                                                                                         docker-jitsi-meet-stable-8138-1_web_1
5ec741c93827   jitsi/prosody:stable-8138-1                                  "/init"                  30 minutes ago   Up 30 minutes   5222/tcp, 5280/tcp, 5347/tcp                                                                                                                                                           docker-jitsi-meet-stable-8138-1_prosody_1

docker env variables:

# Authentication configuration (see handbook for details)

# Enable authentication

# Enable guest access

# Select authentication type: internal, jwt, ldap or matrix

# JWT authentication

# Application identifier

# Application secret known only to your token

# (Optional) Set asap_accepted_issuers as a comma separated list

# (Optional) Set asap_accepted_audiences as a comma separated list




I found at git and here at forum that this issue was fixed in the past, right know I have the newset version of docker jitsi, I cant find a reason of this issue. When I turn off the jwt token (ENABLE_AUTH=0) I can enter the room

token example:


Your token is missing sub field.

Thanks! This is it

What exactly is sub? Which docker env should represent this claim?

Internal XMPP domain


It’s not a docker env but the contents of the JWT token used.

Even if you disable subdomain verification, your tokens must still contain the ‘sub’ claim as documented here: lib-jitsi-meet/ at master · jitsi/lib-jitsi-meet · GitHub

1 Like