How to pass user authentication through jitsi-meet external API

token authentication works, thanks for your note! :slightly_smiling_face:

Hi

We are using Jitsi Meet Api within web application. Where the users connect using the same room id.
I have not implemented Authentication in the Jitsi server. If I do , How can i pass the credentials in the Jitsi API

How JWT Token works? Do i need to add the users in Prosody ?

Thanks

You don’t need to. If you have enabled authentication with username/password the UI will ask the user to input username and password.

If you enable username and password authentication, then you need to create users in prosody, or configure prosody to get user information from somewhere.

JWT you can use when embedding jitsi-meet in an app which already has authentication and some server side module/service using that authenticatino can create tokens which are then passed to jitsi-meet to grant access to that user. Tokens have expiration and can be per room or for all rooms: https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/tokens.md

My structure
in The Electron App i am calling https://employee.domain.com
Once the user login to the portal
In one of the menu, I am calling Jitsi meet Api by passing the room id.

If I enable Authentication , the User will be asked again to enter the username and password.
I am trying to avoid that.

So i should JWT ? correct ?

Yes, you should use jwt.

Thanks a lot

Damencho

In the above scenario, I have the domain still open to world if they goto my subdomain url ( https://subdomain).

How can i protect it ?

Can i use Authentication for the Web page and use JWT when connecting through Jitsi API ?

1 Like

I don’t understand your question.

My structure
in The Electron App i am calling https://employee.domain.com
Once the user login to the portal
In one of the menu, I am calling Jitsi meet Api by passing the room id with the Jitsi Server (Subdomain: meet.domain.com).

You had suggested to use JWT instead of Authentication for Jitsi API .

My Question
How do i secure meet.domain.com?
If i enable Authentication for meet.domain.com , will i still be able to use JWT with Jitsi API inside my Custom Web Application (employee.domain.com).

You are enabling jwt, you can configure to be able to join a conference only with jwt, isn’t this enough?
There is no way two authentication mechanisms to work together …

@damencho i have a question. Is there a way to show “authentication/waiting for the host” popup inside embedded external Jitsi API https://github.com/jitsi/jitsi-meet/blob/master/doc/api.md ?

When i go to my hosted jitsti instance and im not authorized the popup comes up. That does not happend inside embedded Jitsi Api iframe.Screenshot 2020-04-29 at 11.36.41

Hi

    <script src="https://meet.jit.si/external_api.js"></script>
    <script>
                var mID = getUrlVars()["m"];
                console.log(mID);
                    var domain = "Added y domain here";
                    var options = {
                        roomName: mID,
                        width: 1024,
                        height: 900,
                        parent: undefined,
                        configOverwrite: {},
                        interfaceConfigOverwrite: {
                            filmStripOnly: false
                        }
                    }
                    var api = new JitsiMeetExternalAPI(domain, options);
                    api.executeCommand('displayName', userName);

                    //api.executeCommand('password', 'abc123456'); 

                console.log('====' + JSON.stringify(api));

                function getUrlVars(){
                    var vars = [], hash;
                    var hashes = window.location.href.slice(window.location.href.indexOf('?') + 1).split('&');
                    for(var i = 0; i < hashes.length; i++)
                    {
                        hash = hashes[i].split('=');
                        vars.push(hash[0]);
                        vars[hash[0]] = hash[1];
                    }
                    return vars;
                }
            </script>
    ```
Meeting is working fine , I just want to make this meeting password protected or somehow want to make it authenticated so that only authorize users can access the meeting. I have tried but somewhere found we can not make meeting password protected you can see above API code for password, so can anyone suggest how can I authenticate meeting so only authorize user can access.

Please suggest how can I do that. or how can I use JWT token for this authentication.

@premanandmanimaran21
I have the same questions. Did you figure this out?

Have a look at this conversation that might help.

hey i want to auto fill username and password and submit so how can do it?

2 Likes

I found a way to auto fill username and password using jQuery but unfortunately I can’t auto submit them and I don’t understand why…

1 Like

I can use api.executeCommand to submit, but what is the user field over there?
I have username/password enabled in prosody, in embeded jitsi I want to set user/password from a data source automatically rather than the user.
What is the user field name?

can someone help in configuring our setup such that host dont have to enter credentials… they come clicking a URL and the conference starts…

Has anyone been able to achieve,…

Could you please elaborate in detail about your requirment ?

 authentication = "internal_plain"

In this case, how can I pass authentication via jitsi meet api?