we are planning to enable JWT for our JITSI on prem server (Debian10 based). So, what’s the correct procedure for that?
Dear, this works in my installation but I have some little troubles… First, JWT seems to work bu I get Auth Error. Token has been generated well (validated by JWT.io but I get the red message with “Auth Failed” .
Second, why JTW.io can “decode” my JWT Token if I have used the secret string with the JWT::encode($payload, $key) method ? Prodoy Log: Error verifying token err:not-allowed, reason:Invalid issuer (‘iss’ claim)
Do you mean the “Invalid Signature” message? If so, this is the mismatch key issue.
The JWT is not for keeping secret. The content can be see by everybody. Therefore don’t put a secret (something like password) in token. It’s only guarantees that the content is prepared by a trusted system.
Compare the token content and the prosody token config.
iss should match.
Yes I have resolved with the correct Application_ID .Thanks
Just a question: I have always a gravatar erro in console (file not found 404), but the URL is correct. Also, Is it possible to define moderator or guest in a specific JWT token? I have tried with moderator=false, but the system grants always moderator