How to pass user authentication through jitsi-meet external API

Dear developers, tell me please. I can not find any information on this issue in any way :anguished:

I am trying to embed jitsi meet inside an web page using jitsi-meet external API listed here: jitsi-meet-api . Our jitsi-meet is not open to public and protected with XMPP authentication. How can I pass the authentication information through jitsi-meet API? So if you know a better solution please suggest

You can use jwt to authenticate. I just installed it and here are my notes:

Good luck!

Thank you very much I will try!

token authentication works, thanks for your note! :slightly_smiling_face:


We are using Jitsi Meet Api within web application. Where the users connect using the same room id.
I have not implemented Authentication in the Jitsi server. If I do , How can i pass the credentials in the Jitsi API

How JWT Token works? Do i need to add the users in Prosody ?


You don’t need to. If you have enabled authentication with username/password the UI will ask the user to input username and password.

If you enable username and password authentication, then you need to create users in prosody, or configure prosody to get user information from somewhere.

JWT you can use when embedding jitsi-meet in an app which already has authentication and some server side module/service using that authenticatino can create tokens which are then passed to jitsi-meet to grant access to that user. Tokens have expiration and can be per room or for all rooms: lib-jitsi-meet/ at master · jitsi/lib-jitsi-meet · GitHub

My structure
in The Electron App i am calling
Once the user login to the portal
In one of the menu, I am calling Jitsi meet Api by passing the room id.

If I enable Authentication , the User will be asked again to enter the username and password.
I am trying to avoid that.

So i should JWT ? correct ?

Yes, you should use jwt.

Thanks a lot


In the above scenario, I have the domain still open to world if they goto my subdomain url ( https://subdomain).

How can i protect it ?

Can i use Authentication for the Web page and use JWT when connecting through Jitsi API ?

1 Like

I don’t understand your question.

My structure
in The Electron App i am calling
Once the user login to the portal
In one of the menu, I am calling Jitsi meet Api by passing the room id with the Jitsi Server (Subdomain:

You had suggested to use JWT instead of Authentication for Jitsi API .

My Question
How do i secure
If i enable Authentication for , will i still be able to use JWT with Jitsi API inside my Custom Web Application (

You are enabling jwt, you can configure to be able to join a conference only with jwt, isn’t this enough?
There is no way two authentication mechanisms to work together …

@damencho i have a question. Is there a way to show “authentication/waiting for the host” popup inside embedded external Jitsi API ?

When i go to my hosted jitsti instance and im not authorized the popup comes up. That does not happend inside embedded Jitsi Api iframe.Screenshot 2020-04-29 at 11.36.41


    <script src=""></script>
                var mID = getUrlVars()["m"];
                    var domain = "Added y domain here";
                    var options = {
                        roomName: mID,
                        width: 1024,
                        height: 900,
                        parent: undefined,
                        configOverwrite: {},
                        interfaceConfigOverwrite: {
                            filmStripOnly: false
                    var api = new JitsiMeetExternalAPI(domain, options);
                    api.executeCommand('displayName', userName);

                    //api.executeCommand('password', 'abc123456'); 

                console.log('====' + JSON.stringify(api));

                function getUrlVars(){
                    var vars = [], hash;
                    var hashes = window.location.href.slice(window.location.href.indexOf('?') + 1).split('&');
                    for(var i = 0; i < hashes.length; i++)
                        hash = hashes[i].split('=');
                        vars[hash[0]] = hash[1];
                    return vars;
Meeting is working fine , I just want to make this meeting password protected or somehow want to make it authenticated so that only authorize users can access the meeting. I have tried but somewhere found we can not make meeting password protected you can see above API code for password, so can anyone suggest how can I authenticate meeting so only authorize user can access.

Please suggest how can I do that. or how can I use JWT token for this authentication.

I have the same questions. Did you figure this out?

Have a look at this conversation that might help.

hey i want to auto fill username and password and submit so how can do it?


I found a way to auto fill username and password using jQuery but unfortunately I can’t auto submit them and I don’t understand why…

1 Like

I can use api.executeCommand to submit, but what is the user field over there?
I have username/password enabled in prosody, in embeded jitsi I want to set user/password from a data source automatically rather than the user.
What is the user field name?