Limited Time Offer: Watch All Our Bubble Tutorial Videos for Only $99 per Year!

Whereby Host & User Permissions with

Learn how to easily add user roles and host privileges into your Whereby meetings embedded in your Bubble app, ensuring secure access control using privacy rules and optimizing the user experience. Dive into the world of no-code video conferencing with!

Adding User Roles and Meeting Permissions

In our miniseries looking at how to add the whereby embedded video conferencing into your bubble app. We got as far as creating a meeting using the API and then sending the user or ourselves through to a page where we could then engage and enter into that meeting. But I missed a really cool feature that they've got available, which is user roles and meeting permissions.

Setting Up Host URL

For example, you can have someone as a role of host and the way you do that is by giving them a special URL which you would only share with the host. So let me show you how we can do that really easily.

I'm going to just go into my bubble app and go to plugins. And just by adding this additional line into the JSON, we can say that when we create a meeting, we expect to get back a host URL. And that's the special URL that we only want our hosts to be able to access. So if I initialize this, we get back another field which is our host URL. And you'll notice it contains a room key.

Applying Privacy Rules

This is to add security to it. Anyone who has the host room URL can access the host features, but participants, we'd only want them to access the room URL. So let's add this into our workflow by going ahead and adding in field for host URL and saying the result of step one is the host URL. There it is. So that's saving it into the database and allowing us to retrieve it.

But we're going to want to apply some privacy rules here because privacy rules are the only proper way of securing data in your bubble app. So let's have a look at data privacy and then meetings. So at the moment we're saying that if the current user creates a meeting, they can access all fields so they can access the host URL and the participant URL. But if we just want to be able to share a link to the page on our site where the meeting is taking place, then we want to also allow anyone so public. So by ticking this box, this field is now publicly accessible.

Consider Security Measures

Now you're going to want to consider that and make sure and run all other sorts of security checks on your bubble app. For example, is it okay that someone with the right technical skills could basically access all of these public URLs in your bubble app? Just bear that in mind. But importantly, in this instance, we don't want this box ticked because the host URL should only be accessible to this user. So one other thing that we should change then is that in meetings we want to update our embed.

Dynamic Embed URL

So instead of just saying current pages meeting URL, we need to make this a little bit more dynamic so that if the person visiting this page is the meetings creator, they get those host privileges. So we'll just say instead, current pages meetings creator is current user, formatted as text. So if they are the current user, then we can print the current meetings host URL. And if they're not current meetings URL because that's for participants. Now just remember that privacy rules are the only proper ways to protect this data.

It's not just good enough to ignore the privacy rules and just say, well, if they are the creator, show this URL. Otherwise, show this URL, because we actually don't want this field to be accessible at all to someone who isn't a creator. So let's go ahead and demo that. And I'm going to do that by first of all creating a user because at the moment the database is empty. No users and no meetings.

Creating Meeting and Accessing URLs

So let's create a user and we'll just say and now going back to dashboard and then back into data and perhaps just giving this a refresh, I'm going to run as that user because I want anything that I create now to have that current user as the creator. So let's create a meeting. We'll call this planet no code test, select a date in the future, save. Okay, now if I click join, ah, then if I go to just to demonstrate what's gone on here, we've created a meeting. We have the host URL.

If I click here, we have the host URL. We have the main URL for participants. And the creator is linked to the account that I just created. So if I go back to the demo and join the meeting, I now have got access to a few more features because I am the host.

Implementing Security Measures

And if I go into inspect, we can see exactly why that's happening because go to HTML. Current users meetings creator is current sorry, current pages meetings creator is current user. The answer is yes. And so we're getting the host URL, but if the answer was no, we would get the participant URL. So there you go. That's how you can add in host privileges and user roles into your whereby meetings that you're embedding in your bubble app so that you can go in all sorts of directions.

Endless Possibilities

With this the possibilities are endless because whereby allows you to basically create a no code video conferencing app with bubble.

Latest videos