Meetrix.IO

Meetrix.IO

Enabling Collaboration through Real Time Communications

Single-Sign-On integration is based on 3 blogs. If you have not setup Okta account please follow below blog before reading this blog.

Introduction

In this guide, first you have to install jitsi meet. Then follow next steps to integrate authentication methods.

Installl Jitsi Meet

Choose a guide suitable for your operating system and install Jitsi Meet first.

  • To install jitsi on Ubuntu 20.04, follow this guide

  • To install jitsi on Ubuntu 22.04, follow this guide

  • To install jitsi on Debian 11, follow this guide

Integrate Secure domain, JWT Authentication and Guest login on Jitsi Meet

Prosody configuration

These changes should be made in /etc/prosody/conf.d/<JITSI_DOMAIN>.cfg.lua

Enable authentication

Inside the VirtualHost "<JITSI_DOMAIN>" block, replace anonymous authentication with jwt authentication and add below variables,

VirtualHost "<JITSI_DOMAIN>"
    authentication = "token"
    app_id = "your_app_id";
    app_secret = "your_app_secret";
    allow_empty_token = true;
  • app_id and app_secret will be needed for sso integration.

Enable anonymous login for guests

Add this block after the previous VirtualHost to enable the anonymous login method for guests:

VirtualHost "guest.<JITSI_DOMAIN>"
    authentication = "anonymous"
    c2s_require_encryption = false

Jitsi Meet configuration

In config.js, the anonymousdomain options and add token authentication url has to be set.

These changes should be made in /etc/jitsi/meet/<JITSI_DOMAIN>-config.js .

var config = {
    hosts: {
            domain: '<JITSI_DOMAIN>',
            anonymousdomain: 'guest.<JITSI_DOMAIN>',
            ...
        },
    tokenAuthUrl : "https://<SSO_MIDDLWARE_DOMAIN>/generateToken?room={room}",
}

Jicofo configuration

Below part should go as a new 'authentication' section in /etc/jitsi/jicofo/jicofo.conf .

jicofo {
  authentication: {
    enabled: true
    type: JWT
    login-url: <JITSI_DOMAIN>
 }
 ...

Restart prosody and jicofo

sudo systemctl restart prosody.service
sudo systemctl restart jicofo.service


Next: You have to create middleware for the SSO integration

Setup middleware for Single sign on authentication for Jitsi Meet

Updated:

Leave a Comment