When a room is created, the room's
privacy setting defaults to
"public". Anyone who knows the room's URL can join a public room.
For many video call workflows, using
"public" rooms is the right approach. If you are creating rooms on the fly for one-time use, just let the room creation API endpoint automatically generate a room name for you. The room URL will be impossible to guess, so only the people you send the URL to will be able to join the room. You can also set an
exp time for the room, so that it is automatically deleted, and even people who have seen the URL to won't be able to reuse it, later.
But for other workflows, you will want to restrict access to your rooms. For example, if you are creating human-readable room names, someone could guess a room name and join a meeting uninvited. Or, if you are reusing meeting rooms, you might want to control access so that even people who have the room URL can't always join the room.
To restrict access to a room, change the room's
privacy setting to
"private" or to
"org" privacy setting will soon be deprecated.
The two settings —
"private"— only behave differently for users who have Daily accounts. See below for more information about join permissions for logged-in Daily users.
"org"privacy setting will soon be deprecated.
A non-public room can be joined with a meeting token, by knocking, or by a logged-in user.
A meeting token is the most flexible way to grant access to a non-public room. Meeting tokens can be different for each meeting participant, can be time-limited, and can include additional information about each user.
Any valid meeting token grants access to a non-public room. Simply create a meeting token, append it to the room URL as a
t= query parameter, and use that new URL in your workflow.
Always set the
room_nameproperty when you are using meeting tokens to control room access. A meeting token without a
room_nameproperty allows access to any room in your domain.
When a user joins a meeting, we strip token from the URL, so that users don't accidentally share or forward room URLs that include meeting tokens.
To allow users to "knock" to request access to a non-public room, set the room's
enable_knocking property to
When a user knocks to request access to a meeting, a room owner must be in the room to approve that join request. Pro tip: You can use our Zapier App to notify meeting owners when something is knocking.
A room owner is usually someone who joined the meeting using a meeting token with the
is_owner property set to
true. Alternatively, a room owner can be a user who is logged into a Daily account and is a member of your team.
Heads up! The
"org"privacy setting detailed below will soon be deprecated.
We maintain a full-featured accounts and team-management framework for Daily, and you can use Daily accounts and team membership to control access to meeting rooms. This can be convenient for use cases where you have a small number of "admin" users, or for use cases that are an extension of your team's existing Daily dashboard and video call workflows.
To use Daily team membership to manage access to rooms, send your users an invitation to sign up for a Daily account and join your team. Here's a help article about how to do that.
Then set your rooms'
privacy property to
"org" setting is the API version privacy setting that is called "team" in the Daily dashboard.)
Your users will be able to join
"org" (team) rooms, if they are logged into a Daily account and are members of your team. They will also be able to approve other users who knock to access the room.
Updated about a month ago