Implementing Jitsi Meet Docker with Keycloak


Does anyone have experience with implementing Jitsi-Meet-Docker/kubernetes with Keycloak? Is there a straight-forward way to implement this set-up?


Does anyone have any feedback on this topic? Please help.

I have just a little tip. Nothing special, but may help.

I have a fully operating client of Keycloak, working perfectly for loggin in on my “WebApp” (not the Jitsi one). I wanted to authenticate users automatically, using JWT token directly coming from Keycloak. I have a backend server that respond for some APIs with REST protocol.

Since Jitsi can use JWT tokens as authentication, but needs a specific format for it, I created a simple Kotlin class to take all the data I need and just put it as output. So, the user MUST be already authenticated by my WebApp to call this route, so I can surely know that the user that wants Jitsi is legit.

JWT options for Jitsi are here:

In my .env i put this params:

# Enable authentication
 # Select authentication type: internal, jwt or ldap
 # Application identifier (change it!)
 # Application secret known only to your token generator (CHANGE IT!!!)
 # OPTIONAL found on internet

In my application.config (it’s a SpringBoot Application) I put all the configs needed to read correct params, such as AppID and Secret, also the domain used by Jitsi. There is a class that reads all the data needed:

class ConfigDataJitsi {
    var secret: String = ""
    var appId: String = ""
    var sub: String = ""

Then I have a class that manages to create a valid JWT token:

class JitsiJwtManager(
    private val secret: String,
    private val aud: String,
    private val iss: String,
    private val sub: String,
    private val userService: UserService
) {
    constructor(configDataJitsi: ConfigDataJitsi, userService: UserService)
            : this(configDataJitsi.secret, configDataJitsi.appId, configDataJitsi.appId, configDataJitsi.sub, userService)
    fun Room getJwtFor(room: Room, authInfo: AuthInfo) : String {
        val user = User(authInfo.requireUsernameNotNull(), userService.getMailOf(authInfo.requireUsernameNotNull()), userService.getAvatarUrlOf(authInfo.requireUsernameNotNull()))
        val context = Context(user)
        val jwt = Jwt(context, aud, iss, sub,

        return Jwts.builder()
            .setHeader(mapOf("typ" to "JWT"))


  • ConfigDataJitsi is the class above
  • AuthInfo is the class that interacts with Keycloak
  • Context it’s just a class Context (val user: User)
  • User it’s just a class User (name, email, avatar), all strings.
  • Jwt it’s just a class (context, aud, iss, sub, room)

With this utility i can create a JWT token based of user details from Keycloak, not strictly using the Keycloak JWT, but reading it and transforming it into a “readable” format for Jitsi. After creating it, I just open my room in my jitsi server like this:

Automatically, user will be authenticated with his avatar (Base64) and his username.


Thank you!


Can someone provide more assistance on implementing Jitsi Meet Docker (kubernetes) with Keycloak. I followed the instructions in this link: GitHub - d3473r/jitsi-keycloak: Login to jitsi with keycloak
However, I am not getting the authentication window. Can someone please assist???