JWT token is understood (the username in the token is displayed) however I can still join a room without a token. Why?

Hello I am trying to use the jwt authentication option of Jitsi. I have a self hosted server configured on Docker. I changed the variables of auth_type, jwt_id, jwt_secret, etc. in the .env file. Then I restarted the server. Then I copied a url with a jwt token which contains a specific username. When I entered, that username was shown on the screen. So from this, I get that the token I sent was processed and was correct. So the understanding of a jwt token is working. However, when I try to join the same room from another browser window without a token, I can. I should not be able to. Any ideas why the authentication does not work?

Can you join with a broken token?

https://your.domain.com/room?jwt=broken

yes :confused:

This means that your system has no token based authentication