Hello,
We are running a self-hosted installation of Jitsi in a scalable setup. We use JWT for authentication for starting a conference. Accessing a running conference is possible for anonymous users (=no JWT). User with JWT gets moderator rights. Our JWT includes also “room” claim and so it should match to conference room name.
As a moderator user I can create a breakout room, but when I try to join it, I get a page with text “Sorry! You are not allowed to be here”. Users, who joined the main conference without a JWT can join breakout rooms without issues.
In prosody logs I find this error:
breakout.<myhost>:token_verification error Token eyJ0eXAi..... not allowed to join: bb747194-be1d-4d61-b7b5-d276706c4513@breakout.<myhost>/b8612835
I suppose, it’s because claim “room” of the token doesn’t match the room name of the breakout room.
I tried with both enabled and disabled token_verification module in the prosody config - doesn’t make any difference
Component "breakout.<myhost>" "muc"
restrict_room_creation = true
storage = "memory"
modules_enabled = {
"muc_meeting_id";
"muc_domain_mapper";
-- "token_verification";
"muc_rate_limit";
}
admins = { "focus@auth.<myhost>" }
muc_room_locking = false
muc_room_default_public_jids = true
I can confirm, that when using “*” for the “room” claim, joining breakout rooms for moderator works. Unfortunately, using “*” is not an option.
Do you have some suggestions, how this issues can be solved? Maybe there is a workaround, similar to this, possible?