Jitsi Meet
Jitsicollaboration4 credentials
Prosody / Secure Domain User Password
jitsi-meet / prosody-user-password
Jitsi Meet secure domain configuration prompts users for a username and password before allowing creation of new rooms. Jitsi documentation shows configuring Prosody authentication for authenticated room creation.
Location
/etc/prosody/conf.avail/*.cfg.luaProsody virtual host authentication configuration for Jitsi Meet
Prosody internal storage or configured auth backend containing user password verifier data
deployment secrets, Ansible Vault, Kubernetes Secrets, and password vaults
Docker Compose files, Helm values, and committed Prosody configs
Prosody authentication logs and Jitsi troubleshooting output
Jitsi Meet web UI, XMPP BOSH/WebSocketNotes
Secure-domain user credentials control who can create rooms, not necessarily who can join existing anonymous-guest rooms.
JWT App Secret
jitsi-meet / jwt-app-secret
Jitsi Meet supports token authentication for deployments that require JWTs to authorize meetings. Token auth uses application IDs/secrets to validate signed meeting tokens.
Location
Prosody token authentication config, Jitsi web config.js, and deployment .env files
JWT_APP_ID, JWT_APP_SECRET, ENABLE_AUTH, ENABLE_GUESTSKubernetes Secrets, deployment vaults, and cloud secret managers
token generator code, tests, Docker Compose files, and Helm values
JWT validation errors and authentication debug output
Notes
JWT app secrets can mint tokens accepted by the Jitsi deployment until rotated or invalidated.
Room Password
jitsi-meet / room-password
Jitsi Meet rooms can be protected with a password set from the meeting UI. Jitsi documentation describes room-level password access control managed inside rooms after creation.
Location
Jitsi Meet room UIroom-level password prompt for attendees
browser automation, test logs, or meeting support traces if room passwords are recorded
automated meeting tests and integration scripts
Notes
Room passwords are ephemeral collaboration secrets and are separate from deployment admin or component credentials.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.