What’s changing
Currently, you can join client-side encrypted calls from a computer or mobile device. Starting today, you can join client-side encrypted calls directly from Google Meet hardware devices. Simply select the meeting from the in-room agenda on any hardware device – you’ll be prompted to authenticate from a personal device, such as your phone or laptop, which will grant the room access to this specific meeting.
.gif)
Joining a client-side encrypted meeting from a hardware device
Google Meet always encrypts call media in transit and at rest, ensuring only meeting participants and Google's data center services can decrypt it. Client-side encryption adds an additional layer of privacy by encrypting all media that is encrypted directly by each participant's browser using keys accessible only to them, meaning Google's servers and other service providers cannot decrypt or access the call content. This gives users greater control and confidentiality over their meeting communications, and this specific update gives users another way to join client-side encrypted calls.
Additional details
Client-side encrypted calls can be joined from meeting rooms in the host's organization or in the organization of an invited participant. A room does not need to be specifically invited to the meeting — access to client-side encrypted calls is determined by the identity of the individual participant.
Getting started
- Admins:
- In order for end users to use client-side encryptions, admins must connect Google Workspace to an external identity provider and encryption key service (IdP+key service). Visit the Help Center to learn more about managing client-side encryption for your organization. Note: There is no additional configuration for room hardware if client-side encryption has already been configured.
- Note: The KACLS server used for key management needs to support the delegate call. This call is used for authorizing a room to join a meeting on behalf of an authenticated user. Check with your KACLS vendor for details.
- End users: You can join a client-side encrypted call from a room in the same way you would join a call using regular encryption. Follow the additional instructions displayed on the room unit to authenticate on your personal device. Visit the Help Center to learn more about joining a client-side encrypted meeting from a Google Meet hardware device.
Rollout pace
- Rapid and Scheduled Release domains: Gradual rollout (up to 15 days for feature visibility) starting on July 2, 2025
Availability
Client-side encryption for Google Meet is available for Google Workspace:
- Enterprise Plus
- Education Standard and Plus
Joining an encrypted call is available for all Google Meet hardware devices