How to enable jwt token authentication in Docker self-hosted Jitsi? (Please help, trying for days)

Hello, I have a self-hosted Jitsi Server(Docker) and I am trying to enable the jwt token authentication option. I am looking at the self-host Docker guide. These are the relevant parts that I saw:

Here is the link of these pictures:
I have done the things told here. I have enabled the “ENABLE_AUTH”, “AUTH_TYPE” variables in the .env file and I specified a “JWT_APP_ID” and “JWT_APP_SECRET” in the .env file again. Then I did

docker-compose down


docker-compose up -d

But I can still create/join a room without a token. Can someone please please help me? Do I need to install extra plugins (if so, why didn’t they talk about it in the guide)? Or did I do something wrong? I am trying to do this for days…


I dıd ıt. Stıll no luck.

If possible, Can you share the URL by which you are trying to access jitsi-setup?

for jwt you have to use: https://localhost:8443/myroom?jwt=TOKEN

Of course

Can you try below config to generate token?

  "context": {
    "user": {
      "avatar": "",
      "name": "John Doe",
      "email": ""
  "iss": "my_jitsi_app_id",
  "sub": "https://localhost:8443",
  "room": "*"

It ıs not localhost for me becaseu I am connecting remotely

Yes please change it accordingly

Tried it. Same… No progress

Did you remove the previous config before running docker-compose up -d command?

For me it is working fine with below config.

# Select authentication type: internal, jwt or ldap

# JWT authentication

# Application identifier

# Application secret known only to your token

# (Optional) Set asap_accepted_issuers as a comma separated list

# (Optional) Set asap_accepted_audiences as a comma separated list


I left the optional parts (after the secret) commented. Did you install the prosody token plugin?

yes. token_verification is enabled by default.
{{ $JWT_TOKEN_AUTH_MODULE := .Env.JWT_TOKEN_AUTH_MODULE | default "token_verification" }} in jitsi-meet.cfg.lua

{{ if and $ENABLE_AUTH (eq $AUTH_TYPE "jwt") }}
        "{{ $JWT_TOKEN_AUTH_MODULE }}";
{{ end }}

Set prosody to debug mode using - LOG_LEVEL=debug and check for token_verification

I dıd not :smiley: maybe that ıs why but ın the guide it does not talk about the plugin

Waıt. I dıdnt catch it. How will I Set prosody to debug mode using LOG_LEVEL=debug? Where will I do ıt? And ıf ıt ıs default should I not ınstall the plugin?

add LOG_LEVEL=debug in docker-compose.yml file under service: prosody environment

Okay I wıll. I have to go right now but as soon as I do it, I will write here. You are the most helping person thank you so much, hope I can contact again.

1 Like

If I won’t help anyone then no one will help me.

Hello, I did not remove the previouse config but instead did “docker-compose down” and then “docker-compose up -d”. (I stıll could not do the debug thing [not accesing the server rn] but I tried to enter a room with the token and the name of the person I wrote to the token got displayed on the screen. I think the token is being registered correctly but I still could join w/o a token)

I dıd this and restarted the server but I do not know where to check.

what’s the value of JWT_ALLOW_EMPTY?