Delegating security/auth to external systems

We have an existing system we would like to integrate with Jitsi. It has registered users with various roles and we would like these users to be able to talk directly with one another, 1:1 or with more people.

We would like to

  • only allow registered/authenticated users from an existing system to connect to a conferencing session
  • restrict the list of users that can connect to a session to a predefined list for each session
  • allow authenticated users directly into a session that would start immediately if the user is eligible to enter the room

This is a bit different from the current URL+password style security that is there by default, but I could not see it being covered by the FAQ. Has anyone done something similar, or could provide hints on how I could implement this? Does Jitsi support some form of plugin/extension architecture that could be used in achieving something like this to avoid forking the project?

Hi @fatso83 and welcome to the community!

I think all of the requirements you pointed out can be achieved with JWT tokens.
As you will have control over the service generating the tokens, you can assign a unique room name to a list of users, and allow your system to be accessible only with a valid token.
This way only participants with tokens for a particular room will be able to access it.

Thank you, that’s a great start, as it seems to fit the bill perfectly!
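A sketch of the JWT approach suggested in the reply above, added here as an example and not code from the thread or from the Jitsi project: the existing system mints a short-lived HS256 token only for users on a room's allow list, and the verifying side rejects tokens with a bad signature, an expired `exp`, or a `room` claim that does not match the requested room. The claim names (`iss`, `aud`, `sub`, `room`, `exp`, `context.user`) follow Jitsi's JWT authentication scheme; the app id, secret, domain, allow list and function names are constructed assumptions.

```python
import base64, hashlib, hmac, json, time

APP_ID = "my_app_id"                      # assumption: app id configured for the deployment
APP_SECRET = b"constructed-demo-secret"   # constructed; load from a secret store in practice
DOMAIN = "meet.example.org"               # hypothetical deployment domain
# Constructed allow list: room name -> user ids permitted to join that session
ROOM_MEMBERS = {"case-4711-review": {"alice", "bob"}}

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: bytes) -> bytes:
    return _b64url(hmac.new(APP_SECRET, signing_input, hashlib.sha256).digest()).encode()

def mint_room_token(user_id, display_name, room, ttl=300, now=None):
    """Return a JWT bound to `room`, or None if the user is not on its list."""
    if user_id not in ROOM_MEMBERS.get(room, set()):
        return None
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": APP_ID, "aud": APP_ID, "sub": DOMAIN, "room": room,
              "exp": now + ttl,  # short lifetime limits replay of a leaked link
              "context": {"user": {"id": user_id, "name": display_name}}}
    parts = [_b64url(json.dumps(p, separators=(",", ":")).encode())
             for p in (header, claims)]
    return ".".join(parts + [_sign(".".join(parts).encode()).decode()])

def verify_room_token(token, requested_room, now=None):
    """Checks the verifying side must make: alg, signature, expiry, room binding."""
    try:
        head_b64, body_b64, sig = token.split(".")
        header = json.loads(_b64url_decode(head_b64))
        claims = json.loads(_b64url_decode(body_b64))
        alg_ok = isinstance(header, dict) and header.get("alg") == "HS256"
    except (ValueError, AttributeError):
        return None  # malformed token
    expected = _sign(f"{head_b64}.{body_b64}".encode())
    if not alg_ok or not hmac.compare_digest(sig.encode(), expected):
        return None  # wrong algorithm (e.g. "none") or forged signature
    now = int(time.time()) if now is None else now
    if claims.get("exp", 0) <= now or claims.get("room") != requested_room:
        return None  # expired, or token was issued for a different room
    return claims
```

The room check is what enforces the per-session user list: a valid token for one room must not open another, so the deployment should not accept wildcard room claims if per-room restriction is the goal.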