Introduction

  • Single-Sign-On is an authentication method that allows a user to securely authenticate with multiple applications and websites using a single set of credentials.

  • In this guide, we use Okta SAML authentication to integrate SSO with Jitsi Meet.

  • The middleware for the integration comes from the Jitsi-SAML2JWT project.

Integration is based on 3 blog articles.

  1. Integrate single sign on authentication for Jitsi Meet via Okta
  2. Setup JWT, Secure domain and guest access with Jitsi Meet
  3. Setup middleware for Single sign on authentication for Jitsi Meet

After following this guide (1), you will be directed to the other guides (2 and 3) through the links at the end of this blog.

Requirements

To implement this feature with Jitsi Meet, the following are needed:

  1. Server 1 - To install Jitsi Meet
  2. Server 2 - To implement the middleware
  3. Okta account

Placeholders

Before starting, we define a few placeholders that are used throughout the guide. Replace them with the real values for your setup.

<JITSI_DOMAIN> : Jitsi domain
<SSO_MIDDLWARE_DOMAIN> : Domain for the SSO Service Provider
<SP_ENTITY_ID> : SP entity ID. Can be any unique value
<METADATA_URL> : IDP metadata URL. Will be defined later
<IDP_ENTITY_ID> : IDP entity ID. Will be defined later

Connect with Okta

  1. Create an Okta account and go to the admin panel.

  2. Go to the Applications menu on the left side

  3. Click on Create App Integration

  4. Select SAML 2.0

  5. Give the application a name and click Next

  6. Fill in the following fields as shown below and leave the others at their defaults

    1. Single sign-on URL : https://<SSO_MIDDLWARE_DOMAIN>/Shibboleth.sso/SAML2/POST
    2. Audience URI (SP Entity ID) : <SP_ENTITY_ID>
    3. Add the Attribute Statements below with the following content
      1. urn:mace:dir:attribute-def:displayName : user.firstName
      2. urn:mace:dir:attribute-def:mail : user.email
  7. Click Next and finish. The application should now be created

  8. Click on the Sign-On tab and go to the SAML Signing Certificates section. From there, select the active certificate and view the IDP metadata. Copy that URL. This is <METADATA_URL>. Copy the entityID from the first line. This is <IDP_ENTITY_ID>

  9. Go to Assignments and assign people to your application. That's it for the Okta configuration


Next: You have to set up the middleware and authentication in Jitsi for Single Sign-On to work successfully

Setup JWT, Secure domain and guest access with Jitsi Meet

Setup middleware for Single sign on authentication for Jitsi Meet
