Jitsi Meet OAuth Authentication

Hi everyone.
I need to use an oauth based external authentication service in the main jitsi meet domain. This service requires a client id, client secret and redirect url. Then when requested it returns a code that needs to be exchanged for a token in a new request.
I have all parameters to setup but don’t know how to implement it in prosody/jicofo.

If anyone has already a solution I’ll be thankfull.

Regards.

2 Likes

Interested in this as well.

1 Like

Check this https://github.com/jitsi/jicofo/blob/master/doc/shibboleth.md

Thanks for answer. Instead of using shibboleth, I already have a service provider which gives authenticates the user and gives me the token.
What I need is the following:

  1. A user creates a meeting room
  2. As user needs to login, I need Jitsi redirects to oauth server.
  3. User approves the app’s request
  4. User is redirected back to Jitsi with an access token in the URL fragment

All i need is that instead of jitsi validating the user, it is done by an oauth server.

Hope you understand.

Thanks.

My authentication server is using OpenId Connect instead of pure OAuth. Its possible that jitsi authenticates using an openid connect client?

2 Likes

Like to have this too!

For getting oauth to work you need 2 things :

I have been struggling with it alot, and finally ( like an hour ago ) got it to work.

For me to get it successfully running with my Microfocus AccesManager i had to make some alterations in mod_auth_oauthbearer.

Still playing with the authorisation mechanism, as its not ‘working as expected’ as of yet, but making (slow) progress…whilst looking at the oauthbearer auth module i am enriching/changing it for the use i am after.

hope this helps …

Using OpenID (Apache or Nginx) worked

@namtel would you share the Apache / nginx OpenID config? Did you manage that guests get served a “waiting” page and are not required to log in?