Jitsi as a Service

Welcome to the 8x8 developer hub. You'll find comprehensive guides and documentation to help you start working with 8x8 as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started



Jitsi as a Service (JaaS) enables you to develop and integrate Jitsi Meetings functionality into your web applications. The JaaS integration incorporates the extensive functionality of the 8x8 Jitsi Platform so you can host meetings that leverage the distributed Meetings infrastructure from data centers around the world.

As shown in the following diagram, the JaaS Developer Console enables you to configure and incorporate the powerful IFrame and Mobile SDK Jitsi components to further facilitate and enhance your meetings:

Your JaaS account provides an isolated context referred to as a tenant - this is where your meetings will take place and where you will create your meeting room. The tenant defines the root level for the meeting room namespaces you can create and use. All JaaS Meeting rooms are prefixed with the tenant ID. Refer to Integrate JaaS using the Jitsi IFrame API for more information.

The Developer Console

The Developer Console facilitates the management of your JaaS account. It provides the tools that enable you to manage and configure key details associated with your JaaS integrations.


The Activity page allows you to see your current usage in the context of your subscribed plan.

8x8 Jitsi as a Service defines Monthly Active Users (MAU) that have attended at least one meeting, with at least one other user, during the current month. To determine a unique user, we store an identifier on the device's local storage, and that will remain the same as long as the user uses the same browser and same device and doesn't clear their local cache data. Mobile is similar. An identifier remains across updates and gets removed if you delete the app. (A user is defined as a unique endpoint).

The following screenshot shows the MAU according to the user's subscription plan along with a plot of cumulative usage for the current month:

API keys

The Developer Console API Keys page enables you to define and manage the authentication keys for your meeting participants. You add the API keys used to authenticate the Jitsi JSON Web Tokens (JWTs) created by your integration for each individual user endpoint.

To enable participation in your tenant meetings, you must generate a JWT for each participant and sign it with the Private Key.

Generating the JaaS API key

Your uploaded public key is used to authenticate generated JWT tokens using the Private Key of the specific key pair. When the Jitsi IFrame connects to your meeting, valid JaaS JWTs enable meeting room connections in the tenant as specified by the roomName value. The Private Key is used to sign the Jitsi JWT.

A JaaS API key is a Public Key consisting of a 4096 bits RSA SSH Key Pair in PEM format. You can generate the Key Pair using the ssh-keygen command and specify rsa as the algorithm, 4096 as the size, and PEM as the format. Refer to ssh-keygen - Generate a New SSH Key for more information about this facility.

Open a terminal window, then use ssh-keygen command:

> ssh-keygen -t rsa -b 4096 -m PEM -f <filename>

The following shows an example output after running the keygen command:

dev$ssh-keygen -t rsa -b 4096 -m PEM -f jaasauth.key
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in jaasauth.key.
Your public key has been saved in jaasauth.key.pub.
The key fingerprint is:
SHA256:aHkvV50wzp6hJ7DB/BTiuzGbh73x3JAnSLhGuxRsyxw [email protected]
The key's randomart image is:
+---[RSA 4096]----+
|                 |
|                 |
|        . . o    |
|       B o + + . |
|      + E o = o  |
|     . * / = +   |
|        #oO B .  |
|       o.Xo* =   |
|        =...o .  |

You must then save the public key in PEM format using the openssl command.

For example:

> openssl rsa -in <filename> -pubout -outform PEM -out <filename>.pub

Another example of the openssl command is as follows:

dev$openssl rsa -in jaasauth.key -pubout -outform PEM -out jaasauth.key.pub
writing RSA key

The following is an example of a saved JaaS API (Public) key file:

dev$cat jaasauth.key.pub
-----END PUBLIC KEY-----

Uploading an API Key

Once an RSA key is generated and in the correct format, your JaaS API key can be dragged and dropped into the Add API key field. You can then add it by clicking the Add API Key button:

The API Key ID (kid) is composed of the tenant’s unique identifier and is used in the JWT header. The tenant unique identifier is prefixed as vpaas-magic-cookie- and is used as the value of the sub field in the JWT.

The following screenshot shows a kid example:

Refer to The Jitsi JWT for more details.


The Developer Console Webhooks page enables you to define POST HTTP JaaS platform requests. These requests can be triggered by selected and defined in-meeting or post-meeting events that are generated by your tenant.

For additional information about webhooks refer to the Jitsi as a Service (JaaS) Webhooks Reference.

Defining a Webhook endpoint

You can define an endpoint by clicking Add endpoint and specifying a mandatory target URL. After you have added the webhook, you can select one or more events that will trigger requests to the defined endpoint. The added endpoints are listed by URL and list of events.

You can optionally configure an Authorization header to be sent with each webhook request. This enables you to authorize incoming requests.

The following screenshot shows a PARTICIPANT_JOINED action event configuration with an endpoint URL of https://postb.in/b/1600147371176-9105843019206:

You can later edit the current endpoint by selecting it from the list, or add more endpoints for other significant meeting events.

The following screenshot shows the completed webhook configuration:

The webhook endpoint expects data through a POST request and confirms successful data receipt through the return of an 2xx status code. If a successful status is not returned, follow up webhook delivery attempts are made with an exponential back off.

The same event might occasionally be delivered more than once which guards against duplicated events using the idempotencyKey.

Event ordering is not guaranteed; therefore, PARTICIPANT_JOINED might be received prior to ROOM_CREATED.


The Branding page enables you to brand the meetings run on your tenant with your own:

  • Custom meeting invite URL
  • Enterprise Logo or symbol
  • Company website link
  • UI background image or color
    Setting the custom meeting invite URL enables you to specify the URL that meeting participants would get when they want to share the meeting link to invite others.

Configuring and setting your enterprise logo or symbol enabless you to have your brand displayed in meetings, recordings, and live streaming sessions from your tenant.
Using a clickable link on your logo that leads to your company website also further facilitates and enhances your brand identity.

Analytics (beta)

Note: The Analytics functionality is in beta stage.

Analytics provides a helpful tool that analyzes the quality of meetings that have taken place in your tenant. You use the Analytics tool to develop insights and determine the quality of your meetings.

You can get a dashboard view of:

  • Total conferences - either ongoing or terminated
  • All participants joined - either successful or dropped conferences
  • Participants unable to join - either partially failed or totally failed conferences

The view includes the tenant ID and the unique Conference ID (Conf ID).

For more information on Analytics refer to:

Team management

Access to and use of the Developer Console can be shared across your JaaS team via the Team management page.

My plan

The My plan page provides the details of your 8x8 JaaS subscription. On this page, you can view the MAUs included in your monthly charge and any overage charges in the case your usage surpasses your subscription plan.

The My plan page also includes information about subscription add-ons with pricing.

As your business or enterprise scales, you can upgrade to a more suitable plan by clicking on Manage subscription and select from one of the available plans that are shared with you. For further details contact your 8x8 Representative.

You will be presented the available plans and you can select a plan that best suits your needs or contact our Sales team.


This section allows you to understand and manage the billing details associated to your account.

The Billing page enables you to see the status of your subscription invoice. The page includes invoice due date, current month balance, and a list of past invoices. Click on the View button to download a select invoice.

You can also edit your payment information or cancel your subscription.

Start guide

The Start guide is your go-to reference for quick, accessible information about your 8x8 JaaS integration. The guide walks you through topics such as:

  • Core concepts
  • Adding an API Key
  • Customizing your JaaS integration using Branding
  • Generating your first Jitsi JWT
  • References to sample code you can use to start building out your integration

Contact Support

You can contact the 8x8 JaaS Support Team by clicking the envelope icon on the top right corner of the Developer Console display and completing the Support form.

Complete the form with as much detail as possible so we can address your issue or concern promptly.


For each user endpoint you enable for a meeting, you must generate a JWT token and sign it with a Private Key.

The JWT token is pass as a parameter to either the IFrame or Mobile SDK as described in the following sections.

The Jitsi JWT

The header of the JWT contains 3 claims:

  • alg: The algorithm used for signing the JWT
  • kid: The kid listed for the uploaded API Key see "Generating the API key"
  • typ: The JWT type

For example:

  "alg": "RS256",
  "kid": "vpaas-magic-cookie-1fc542a3e4414a44b2611668195e2bfe/4f4910",
  "typ": "JWT"

The following claims are expected in the JWT body:

  • aud: “jitsi” - This value is hardcoded in the body
  • context:
  • user:
  • id: The user's unique identifier
  • name: The user name
  • avatar: The publicly available URL that points to the user avatar picture
  • email: The user email
  • moderator:
    • If the user is the moderator set to “true“
    • If this value is missing or is set to “false“ the user will not have moderator permissions.
  • features: The permissions given to the user for accessing specified features.
    • Key represents the permission name and the value should be “true“/“false“.
    • Supported keys: livestreaming, recording , transcription and outbound-call.
    • Please note that a participant needs to be moderator (e.g. moderator: "true") as prerequisite of having the feature permissions enabled.
  • exp: The time after which the JWT expires
  • iss: “chat” - This is a hardcoded value
  • nbf: The time before which the JWT must not be accepted for processing
  • room: The meeting room value for which the token is issued; this field supports also wildcard (“*”) if the token is issued for all rooms
  • sub: The tenant unique identifier (see Webhooks for more information)

For example:

  "aud": "jitsi",
  "context": {
    "user": {
      "id": "0f8b7760-c17f-4a12-b134-c6ac37167144",
      "name": "John Doe",
      "avatar": "https://link.to/user/avatar/picture",
      "email": "[email protected]",
      "moderator": "true"
    "features": {
      "livestreaming": "false",
      "outbound-call": "false",
      "transcription": "false",
      "recording": "false"
  "exp": 1696284052,
  "iss": "chat",
  "nbf": 1596197652,
  "room": "*",
  "sub": "vpaas-magic-cookie-1fc542a3e4414a44b2611668195e2bfe"

For the above examples, a JWT example can be found on the jwt.io Auth0 JWT site and accessing the debugger as shown in the following screen shot:

Integrate JaaS using the Jitsi IFrame API

To integrate JaaS using the IFrame API, refer to the IFrame API · Jitsi Meet Handbook for the complete procedure.

For each user endpoint you need to generate a JWT.

You can adapt the script source to 8x8.vc by updating the script domain as follows:

<script src="https://8x8.vc/libs/external_api.min.js"></script>

The options arguments should be set as follows:

  • roomName to “<tenant>/<room>”
    • The rooms must be defined in the namespace of your tenant
    • The tenant can be retrieved from the IFrame Integration page
    • The room should be a single-level (no slash) string composed of legitimate, safe URL characters.
  • jwt to the JWT you have generated and signed

roomName: "vpaas-magic-cookie-1fc542a3e4414a44b2611668195e2bfe/adevmeeting"

Configuring the invite link

The in-meeting controls offer your meeting users the option to invite participants into the same session.

To implement a functional invite flow, perform the following steps:

  1. Configure the base URL of the meeting invite link (e.g. https://application.com/meet) in the Customise your meeting invite URL Branding section.

  2. Define an alias name for your meeting room in your IFrame instantiation code.

The alias must be a single-level (no slash) string composed of legitimate, safe URL characters. (You can make it identical to the meeting room name as well). This definition is described in the iFrame documentation as the brandingRoomAlias property. An example code block is as follows:

  configOverwrite: {
       brandingRoomAlias: 'anInterestingMeeting'

The preceding steps result in the meeting Invite more people dialog which generates an invite link comprised of the base/alias pair(e.g. https://application.com/meet/anInterestingMeeting for the values used above)

  1. In your integrating application implement the logic that maps the resulting invite link (base/alias) to your application and handles the users that land on it.
    By doing this the integrating application is in control of who is allowed to join a meeting by authorizing any user (including guests) and then generating a valid JWT.

Mobile SDKs

JaaS features Mobile SDKs that enable integration of Jitsi into your mobile app.

To use the mobile SDKs you need to set the following fields in JitsiMeetConferenceOptions:

  • Set the serverURL to “https://8x8.vc”
  • Set token to your generated and signed JWT
  • Set roomName to “<tenant>/<room>” with the following details:
    • The rooms must be defined in the namespace of your tenant
    • The tenant can be retrieved from the IFrame Integration page
    • The room should be a single-level (no slash) string composed of legitimate, safe URL characters.

You can find sample code for both Android and iOS at https://github.com/jitsi/jitsi-meet-sdk-samples which includes:

Whitelisting JaaS IP ranges and domains

When you integrate JaaS you should make sure that your users whitelist the IP ranges and domains listed in the following documents:

Updated 5 days ago


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.