Skip to content

Allow Jitsi to use Keycloak as an identity and OIDC provider. SSO support for Jitsi

License

Notifications You must be signed in to change notification settings

nordeck/jitsi-keycloak-adapter

Repository files navigation

Jitsi Keycloak Adapter

Allow Jitsi to use Keycloak as an identity and OIDC provider.

1. Features

  • SSO for Jitsi through Keycloak. Allows Jitsi to run as an OIDC consumer.
  • Allows to use config params in URL (such as #config.prejoinConfig.enabled=true)
  • Allows guest users and wait for host screen if needed
  • Not based on the external JWT which will be deprecated in the near future.
  • Not based on tokenAuthUrl

Check flows if you are interested in how it works.

2. Setup

See standalone setup guide to install it on a standalone Jitsi server.

See Docker setup guide to integrate it with a Dockerized Jitsi setup.

3. Keycloak configuration

Create client inside realm.

  • Set client id
  • Add Jitsi URL into Valid redirect URIs
  • Add Jitsi URL into Web origins
  • Set Access type
    • For Keycloak versions < 20.x, set Access type to public:

      Screenshot Keycloak pre-20

    • For Keycloak versions >= 20.x, disable Client authentication.

      Screenshot Keycloak 20

4. Similar projects

5. Sponsors

Nordeck