Element/riot integration - specifically user creation

I am new to jitsi etc.
I followed the installation process from here. I am not 100% sure if this is the right place to ask this - possibly it is a riot problem and doesn’t belong here (apologies in advance if that’s the case)

I have a working system up and running, including

“You then refresh your Riot/Web, and you should be all set to use Jitsi from within your new Riot - as Riot/Web 1.5.15 and later has the ability to natively embed Jitsi straight into the app without needing to use an integration manager.”

  • I don’t quite grasp the user authentication part here.
    • Will jitsi be usable by only the configured riot users?
    • Would I need to create prosody users to match the riot users?
  • Would I need to redirect jitsi.domain.comriot.domain.com to enforce this, or is there a more elegant way to do so?

Thanks for the awesome product and the help

IIRC Riot uses JWT for authentication with Jitsi. So if your deployment has that configured, and you don’t allow empty tokens you’d only allow Riot users to join your deployment.

Thank you for the reply. I will experiment and report back

Sorry to bother again - I have searched (unsuccessfully) for an example to modify. I’m not any level of expert, so the best I can do is tweak the brilliance of others to suit my needs.

I think I need to edit the /etc/matrix-synapse/homeserver.yaml file and adjust the settings in this section

#jwt_config:
    # Uncomment the following to enable authorization using JSON web tokens. Defaults to false.
    #enabled: true

    # This is either the private shared secret or the public key used to decode the contents of the JSON web token.
    #secret: "provided-by-your-issuer"

    # The algorithm used to sign the JSON web token. Supported algorithms are listed at https://pyjwt.readthedocs.io/en/latest/algorithms.html
    #algorithm: "provided-by-your-issuer"

    # The issuer to validate the "iss" claim against. Optional, if provided the "iss" claim will be required and validated for all JSON web tokens.
    #issuer: "provided-by-your-issuer"

    # A list of audiences to validate the "aud" claim against.
    # Optional, if provided the "aud" claim will be required and validated for all JSON web tokens.
    # Note that if the "aud" claim is included in a JSON web token then validation will fail without configuring audiences.
    #audiences:
    #    - "provided-by-your-issuer"

I also looked at https://jwt.io/ to generate tokens, but I have absolutely no idea what goes where, and how this ties in with jitsi.

Can you point me in the direction of any examples of the 2 working together?

The only resource I could find is matrix-docker-ansible-deploy/configuring-playbook-jitsi.md at 1e0777f2ed39dc583e2ad21f47a60e1af1dd5926 · spantaleev/matrix-docker-ansible-deploy · GitHub but it only supports internal and ldap authentication, not JWT :frowning:

Thanks again for the time/trouble/reply.
If i find anything useful or get it working, I will post the findings

I just found this: GitHub - matrix-org/prosody-mod-auth-matrix-user-verification: Matrix user verification auth for Prosody

1 Like

WOW…looks perfect - I will try it out tomorrow!
Thank you VERY much for the help.