Jitsi Meet authentication & authorization


#1

What exactly are the authentication options that are available in Jitsi Meet?

  • When the XMPP server allows anonymous access, everyone appears to be able to create and join rooms.
  • If the XMPP server does not allow anonymous access, a login prompt pops up before you can create or join a room.
  • When you’re in a room, a password can be set, which causes new participants to be prompted for a password.
  • I’ve heard rumours about a JSON Web Token?

Are that more flavors to this?

Would it, for instance, be possible to require people to authenticate to create/join rooms, but also allow anonymous users (or users identified by a one-time password or token generated from Meet) to join the room?


#2

Hey there,

About tokens, there is an option in config.js:


When this is enabled there are certain features that are only available for users using tokens, like inviting people, dialing out, recording … there is no documentation around that at the moment, but we can work and add one.
In the default deployment the token get passed to the xmpp server where the xmpp server validates it and checks whether the token gives permission to join a room authenticated.

Currently there is no restriction for creating rooms, but if the token doesn’t allow joining to roomX this will be forbidden the user to join that room as authenticated user.


#3

Hi,

I’d like to know where to find the latest documentation on authentication.
A few years ago I remember using authentication on jisti-meet with xmpp accounts (prosody), but it seems things have evolved and now even JWT is available.

Where can I read up about this?

Thanks


#4