User rights and features via JWT token in local jitsi environment

We are using JaaS and a local/self-hosted version of Jitsi.

At our JaaS deployment, we add the following context at our JWT token payload:

'context' => [
    'user' => [
        'moderator' => $USER_IS_MODERATOR ? "true" : "false",
        'email' => $USER_EMAIL,
        'name' => $USER_NAME,
        'avatar' => $USER_AVATAR_URL,
        'id' => $USER_ID
    'features' => [
        'recording' => $RECORDING_IS_ENABLED ? "true" : "false",
        'livestreaming' => $LIVESTREAMING_IS_ENABLED ? "true" : "false",
        'transcription' => $TRANSCRIPTION_IS_ENABLED ? "true" : "false",
        'outbound-call' => $OUTBOUND_IS_ENABLED ? "true" : "false"

If we try the same setup for our local jitsi deployment, it does’nt work. The name value is fully functional, but the moderator rights as well as all the features (recording, livestreaming) are not recognized.

We are only using the jitsi-meet-token plugin. Is there any additional plugin we need to install to get this functionality?

To filter livestreaming/recording you need to enable: jitsi-meet/mod_filter_iq_jibri.lua at master · jitsi/jitsi-meet · GitHub
And for jigasi you need to enable: jitsi-meet/mod_filter_iq_rayo.lua at master · jitsi/jitsi-meet · GitHub

mod_filter_iq_rayo is the plugin which handles the “moderator” setting via JWT? we are not working with jigasi. is it the only way to handle it?

Nope, this is just to disallow dial-out or requests to the transcribers for participants with no jwt and missing feature entries in jwt. If you are not using jigasi then you don’t need this in your jwt:

'transcription' => $TRANSCRIPTION_IS_ENABLED ? "true" : "false",
'outbound-call' => $OUTBOUND_IS_ENABLED ? "true" : "false"

We do not have such plugin in jitsi-meet.

you are right. Thanks for the tip!

Ok, but it is available by default @ JaaS. Anybody else an idea how to get this done? :slight_smile: