Meetings
Meeting integrations use the same proof bundle as API integrations, but the protected action is meeting attendance.
Ratify is useful here when a customer wants a meeting-note agent, a sales-assistant agent, or a support agent to join Zoom, Microsoft Teams, or Google Meet only when it is explicitly authorized. The managed meetings surface lives in the Ratify Verify console.
- Agent platform obtains consent from the human or organization.
- The platform creates a proof bundle for
meeting:attend, and optionallymeeting:speak,meeting:video, ormeeting:share_screen. - The platform pre-announces the agent before the meeting.
- The meeting adapter verifies the proof when participant events arrive.
- Policy decides whether to allow, label, warn, or remove the participant.
Meetings are an organization/team surface. Personal accounts can integrate SDKs and API Gateway, but meeting enforcement requires an organization context.
Meeting note-taker example
Section titled “Meeting note-taker example”For a meeting-note platform, your runtime usually does this:
- generate or load agent keys
- get a delegation from the workspace admin
- sign a challenge when the meeting surface asks for proof
- keep the proof bundle available to the meeting adapter
The meeting adapter or Ratify-managed surface usually does this:
- issue the challenge
- verify the signature
- check revocation and expiry
- decide whether to allow, label, challenge, or remove the agent
SDK examples
Section titled “SDK examples”result := ratify.Verify(bundle, ratify.VerifyOptions{ RequiredScope: ratify.ScopeMeetingAttend,})if !result.Valid { http.Error(w, result.ErrorReason, http.StatusForbidden) return}const result = await verifyBundle(bundle, { required_scope: SCOPE_MEETING_ATTEND,});if (!result.valid) { throw new Error(result.error_reason);}result = verify_bundle(bundle, VerifyOptions(required_scope=SCOPE_MEETING_ATTEND))if not result.valid: raise RuntimeError(result.error_reason)let result = verify_bundle( &bundle, &VerifyOptions { required_scope: SCOPE_MEETING_ATTEND.into(), ..Default::default() },);assert!(result.valid, "{}", result.error_reason);/* Adapter receives the bundle_json from the agent's pre-announce. Verify before allowing the bot to join. */RatifyVerifyResult *result = NULL;char *err = NULL;ratify_verify_bundle(bundle_json, "meeting:attend", (int64_t)time(NULL), &result, &err);
if (ratify_verify_result_is_valid(result)) { char *agent_id = ratify_verify_result_agent_id(result); char *human_id = ratify_verify_result_human_id(result); /* Allow join and label the bot with the human principal's identity */ allow_join_and_label(meeting_id, agent_id, human_id); ratify_string_free(agent_id); ratify_string_free(human_id);} else { char *status = ratify_verify_result_identity_status(result); deny_join(meeting_id, status); /* remove agent from lobby */ ratify_string_free(status);}
ratify_verify_result_free(result);ratify_error_free(err);Callback contract
Section titled “Callback contract”Your callback_url is where Ratify posts lifecycle events about the meeting connection.
For the implementation details, see Callbacks and Webhooks.