Jibri recording failure with prosody error "Token nil not allowed to join" after JWT enable

I have successfully setup a standalone self-host jitsi-meet with jibri together. All 3rd-party conference and recording are working well before jwt enabled

But when I enabled the JWT as the official guide

I found all functions of jitsi-meet worked well except jibir with following errors:
2022-09-12 16:48:40.882 INFO: [162] AbstractPageObject.visit#38: Waited 555ms for driver to load page
2022-09-12 16:48:40.900 FINE: [162] CallPage$visit$$inlined$measureTimedValue$lambda$1.apply#58: Not joined yet: Cannot read properties of undefined (reading ‘isJoined’)
2022-09-12 16:48:41.405 FINE: [162] CallPage$visit$$inlined$measureTimedValue$lambda$1.apply#58: Not joined yet: Cannot read properties of undefined (reading ‘isJoined’)
2022-09-12 16:48:42.415 FINE: [162] CallPage$visit$$inlined$measureTimedValue$lambda$1.apply#58: Not joined yet: APP is not defined
2022-09-12 16:48:42.920 FINE: [162] CallPage$visit$$inlined$measureTimedValue$lambda$1.apply#58: Not joined yet: APP is not defined

And meanwhile, I found the prosody log reported following error info:
Sep 12 16:09:37 conference.jitsi.3vyd.com:token_verification error Token nil not allowed to join: alex@conference.jitsi.3vyd.com/b49101c1

Looks like the recording also need the jwt token to join. but I already set “allow_empty_token = false” in prosody, I am not sure whether I missed any other jwt configuration for jibri recording feature, please help me to figure out, thanks a lot

I add more prosody log with the same timestamp as jibri recording error:

|Sep 12 16:48:41 bosha4b53629-fa5e-44dd-8c35-e219c294420d|info|Authenticated as recorder@recorder.jitsi.3vyd.com|
|Sep 12 16:48:42 conference.jitsi.3vyd.com:token_verification|error|Token nil not allowed to join: alex@conference.jitsi.3vyd.com/86cb3761|

Did you add recorder account into the admins list in your prosody config?

Do you mean add this line "admins = { “focus@auth.”, “recorder.” } " in prosody configuration as below?

I changed it but still not working.
If I did not catch your point, would you please help to share how to check, thank you

Component “conference.” “muc”
restrict_room_creation = true
storage = “memory”
modules_enabled = {
“muc_meeting_id”;
“muc_domain_mapper”;
“polls”;
“token_verification”;
– “token_affiliation”;
“token_moderation”;
“muc_rate_limit”;
}
admins = { “focus@auth.”, “recorder.” }
muc_room_locking = false
muc_room_default_public_jids = true

Hi emrah,
Thanks for your light, I try to change it to “recorder@recorder.domain” in prosody configuration and jibri recording work well with jwt enabled.
Thanks a lot for your support so quickly

1 Like

Can you please share which section you edited?

Thanks

  • in /etc/prosody/conf.d/jitsi.yourdomain.com.cfg.lua
  • in Component "conference.jitsi.yourdomain.com" "muc" block
  • add recorder@recorder.jitsi.yourdomain.com into admins
1 Like

Hi @emrah I have added this and “IT WORKS!”. My next question is why did this need changing as it worked on previous releases?

Because the default configuration for token authentication in codes has been changed.

1 Like

@emrah Just wonder why “recorder” hasn’t been added as an Env config for admins inside prosody docker config. Any idea?
cc @damencho

Sorry, no idea about Dockerized setup

@saghul Is this expected to not have “recorder@recorder.domain” as part of admins list in docker setup?