Русский flag Русский

IT support for business, startups and developers

Jitsi Meet: Enabling Authentication and Server Optimization

Published on 2025-09-10

In the previous article, we deployed a basic Jitsi Meet server using Docker.
Now let’s look at how to secure your server, enable authentication, and optimize performance for stable video calls.

Authentication: Invite-Only Access

By default, Jitsi Meet allows anyone to create rooms. To restrict access — enable Secure Domain.

  1. Open the .env file and find the Prosody (XMPP server) section.
    ENABLE_AUTH=1
AUTH_TYPE=internal

Here, internal means that users will be stored locally.

  1. Add users for authentication:

    docker compose exec prosody prosodyctl register user1 meet.jitsi StrongPassword
docker compose exec prosody prosodyctl register user2 meet.jitsi StrongPassword

  2. Restart the containers:

    docker compose down && docker compose up -d

Now only registered users will be able to create conferences. Guests can join only via a link, if invited by an authenticated user.

If you want a conference to be available only to those you send the link to:

  1. Set a room password (done in the Jitsi Meet interface).
  2. Or use built-in JWT tokens for integration with an external authentication system (e.g., Keycloak or Google OAuth).

To enable JWT in .env:

ENABLE_AUTH=1
AUTH_TYPE=jwt
JWT_APP_ID=your_app_id
JWT_APP_SECRET=your_app_secret

Optimization for Load

To ensure the server can handle many participants:

1. Correct Firewall Ports

  • 10000/udp — main media stream (always required).
  • 4443/tcp — fallback if UDP is blocked.

2. JVM Settings for JVB

In .env you can increase limits for the Java Video Bridge:

JVB_ENABLE_APIS=rest,colibri
JVB_ENABLE_STATS_D=1
JVB_MAX_MEMORY=3072m

3. Scaling JVB

For heavy loads, you can run multiple jvb containers on different servers and balance them.

SSL and HTTPS

  • Make sure ports 80 and 443 are open.

  • For production, set up automatic certificate renewal:

    docker compose exec web /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

Monitoring and Logs

  • View logs:

    docker compose logs -f

  • Metrics are available via the JVB REST API (port 8080), which can be connected to Prometheus or Grafana.

Conclusion

Now your Jitsi Meet server:

  • Supports authentication to restrict access.
  • Can work in “invite-only” mode.
  • Is optimized for high load and ready for monitoring.

This makes it a reliable alternative to cloud services, with full control over your data.

Tags: #Jitsi Meet #Docker #Authentication #Security #Optimization
Did this help? Support me
Support on Boosty

Need help?

Get in touch with me and I'll help solve the problem

Kwork LinkedIn Email Telegram Upwork GitHub

Related Posts