Validate before connection/conference begins

Hi There.
I have a self hosting jitsi (docker) working with jwt, and everything works fine. At the moment, when i access the browser, everything runs automatically and everything is good.

I have some validations on index.html file on web container but i want to set a validation, and just in case of that validation passes, then the connection/conference should be initiated . Any ideas how i could accomplish that?

Thank you very much.

What kind of validation do you mean?

i have a site that opens an iframe with jitsi (the src of iframe is the url with jwt token already). Then, on index.html html of jitsi i send a message (via PostMessage in javascript) to its parent to request an id. If the window parent sends me back a message with the data i requested, then i want to initiate the connection/ conference.

I already have some basic validations like:

if (! {

        throw new Error("state is not ready. try again");

    } else if (!["features/base/connection"]) {

        throw new Error("connection is not ready. try again");


if (typeof APP !== “undefined” &&

        typeof APP.conference !== "undefined" &&

        typeof APP.conference._room !== "undefined"


            typeof APP.conference._room !== "undefined"*/) {


Thank you

You can check id before creating the JWT token and iframe

That wouldn’t work for my case. Imagine that someones picks that url and can access to the chat without any problems.

Why don’t you do that checking before creating the jwt, that’s the idea of the jwt, provide it only to authenticated users.

Ok, i understand that and it’s working like you said. But imagine an authenticated user (it’s a user of other application, this application creates a jwt to him) gives me his url.
I want to sure that i can’t acess to the conference in the browser with his url and outside of my application.

If your concern is users sharing their URL and inadvertently sharing the JWT too, then how we address this is using an intermediate token.

For example, instead of app loading jitsi with JWT attached in URL, the app loads an intermediate landing page with a time-limited token. On the landing page, an API call is made to the app to validate the token and getting back the JWT; it then uses that JWT to load Jitsi via IFrame API.

From the user’s perspective, they see https://landing/<TOKEN> in their location bar and not the JWT token, and (depending on how you authenticate the token) the URL will not work for another user if they simply copy paste the URL to someone else.

If I understood your question correctly, then this is not far off from what you’re suggesting except that it is your app that does the pre-validation rather than rely on Jitsi.

Thank you . It is a nice solution to study.

My solution for now is doing some validations and if everything is ok i run this code (thia was already in index.html and that do all the magic, i didn’t understand that):{



Thank you all guys.