erickirt · pull · Dec 22, 2025 · Dec 22, 2025 · Dec 22, 2025
diff --git a/.changeset/loud-flowers-sing.md b/.changeset/loud-flowers-sing.md
@@ -0,0 +1,5 @@
+---
+"@livekit/protocol": patch
+---
+
+redact metadata in agent protos
diff --git a/auth/accesstoken_test.go b/auth/accesstoken_test.go
@@ -218,7 +218,7 @@ func TestAccessToken(t *testing.T) {
 
 			v, err := ParseAPIToken(value)
 			require.NoError(t, err)
-			claims, err := v.Verify(secret)
+			_, claims, err := v.Verify(secret)
 			require.NoError(t, err)
 
 			rc := (*livekit.RoomConfiguration)(claims.RoomConfig)

diff --git a/auth/verifier.go b/auth/verifier.go
@@ -58,23 +58,23 @@ func (v *APIKeyTokenVerifier) Identity() string {
 	return v.identity
 }
 
-func (v *APIKeyTokenVerifier) Verify(key interface{}) (*ClaimGrants, error) {
+func (v *APIKeyTokenVerifier) Verify(key interface{}) (*jwt.Claims, *ClaimGrants, error) {
 	if key == nil || key == "" {
-		return nil, ErrKeysMissing
+		return nil, nil, ErrKeysMissing
 	}
 	if s, ok := key.(string); ok {
 		key = []byte(s)
 	}
 	out := jwt.Claims{}
 	claims := ClaimGrants{}
 	if err := v.token.Claims(key, &out, &claims); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 	if err := out.Validate(jwt.Expected{Issuer: v.apiKey, Time: time.Now()}); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	// copy over identity
 	claims.Identity = v.identity
-	return &claims, nil
+	return &out, &claims, nil
 }
diff --git a/auth/verifier_test.go b/auth/verifier_test.go
@@ -33,18 +33,18 @@ func TestVerifier(t *testing.T) {
 		require.NoError(t, err)
 
 		require.Equal(t, apiKey, v.APIKey())
-		_, err = v.Verify("")
+		_, _, err = v.Verify("")
 		require.Error(t, err)
 
-		_, err = v.Verify("anothersecret")
+		_, _, err = v.Verify("anothersecret")
 		require.Error(t, err)
 	})
 
 	t.Run("key has expired", func(t *testing.T) {
 		v, err := auth.ParseAPIToken(accessToken)
 		require.NoError(t, err)
 
-		_, err = v.Verify(secret)
+		_, _, err = v.Verify(secret)
 		require.Error(t, err)
 	})
 
@@ -62,7 +62,7 @@ func TestVerifier(t *testing.T) {
 		require.Equal(t, apiKey, v.APIKey())
 		require.Equal(t, "me", v.Identity())
 
-		decoded, err := v.Verify(secret)
+		_, decoded, err := v.Verify(secret)
 		require.NoError(t, err)
 		require.Equal(t, &claim, decoded.Video)
 	})
@@ -88,7 +88,7 @@ func TestVerifier(t *testing.T) {
 		v, err := auth.ParseAPIToken(authToken)
 		require.NoError(t, err)
 
-		decoded, err := v.Verify(secret)
+		_, decoded, err := v.Verify(secret)
 		require.NoError(t, err)
 
 		require.EqualValues(t, string(md), decoded.Metadata)
@@ -108,7 +108,7 @@ func TestVerifier(t *testing.T) {
 
 		v, err := auth.ParseAPIToken(token)
 		require.NoError(t, err)
-		decoded, err := v.Verify(secret)
+		_, decoded, err := v.Verify(secret)
 		require.NoError(t, err)
 
 		require.Nil(t, decoded.Video.CanSubscribe)

diff --git a/livekit/livekit_agent_dispatch.pb.go b/livekit/livekit_agent_dispatch.pb.go
diff --git a/livekit/livekit_agent_dispatch.twirp.go b/livekit/livekit_agent_dispatch.twirp.go
diff --git a/livekit/types.go b/livekit/types.go
@@ -59,6 +59,9 @@ func (s NodeID) String() string              { return string(s) }
 func (s JobID) String() string               { return string(s) }
 func (s DispatchID) String() string          { return string(s) }
 func (s AgentName) String() string           { return string(s) }
+func (s ParticipantKey) String() string {
+	return fmt.Sprintf("%s_%s_%s", s.ProjectID, s.RoomName, s.Identity)
+}
 
 type stringTypes interface {
 	ParticipantID | RoomID | TrackID | ParticipantIdentity | ParticipantName | RoomName | ConnectionID | NodeID

diff --git a/protobufs/livekit_agent_dispatch.proto b/protobufs/livekit_agent_dispatch.proto
@@ -20,6 +20,7 @@ option csharp_namespace = "LiveKit.Proto";
 option ruby_package = "LiveKit::Proto";
 
 import "livekit_agent.proto";
+import "logger/options.proto";
 
 service AgentDispatchService {
   rpc CreateDispatch(CreateAgentDispatchRequest) returns (AgentDispatch);
@@ -30,12 +31,12 @@ service AgentDispatchService {
 message CreateAgentDispatchRequest {
   string agent_name = 1;
   string room = 2;
-  string metadata = 3;
+  string metadata = 3 [(logger.redact) = true];
 }
 
 message RoomAgentDispatch {
   string agent_name = 1;
-  string metadata = 2;
+  string metadata = 2 [(logger.redact) = true];
 }
 
 message DeleteAgentDispatchRequest {
@@ -56,12 +57,12 @@ message AgentDispatch {
   string id = 1;
   string agent_name = 2;
   string room = 3;
-  string metadata = 4;
+  string metadata = 4 [(logger.redact) = true];
   AgentDispatchState state = 5;
 }
 
 message AgentDispatchState {
-  // For dispatches of tyoe JT_ROOM, there will be at most 1 job. 
+  // For dispatches of tyoe JT_ROOM, there will be at most 1 job.
   // For dispatches of type JT_PUBLISHER, there will be 1 per publisher.
   repeated Job jobs = 1;
   int64 created_at = 2;

diff --git a/webhook/verifier.go b/webhook/verifier.go
@@ -51,7 +51,7 @@ func Receive(r *http.Request, provider auth.KeyProvider) ([]byte, error) {
 		return nil, ErrSecretNotFound
 	}
 
-	claims, err := v.Verify(secret)
+	_, claims, err := v.Verify(secret)
 	if err != nil {
 		return nil, err
 	}