OAuth 2.0 Token-based SIP Authentication
The device can authenticate any incoming SIP requests (e.g., REGISTER and INVITE) from client applications, based on access tokens with an OAuth 2.0 Authorization Server (internal or external).
When the device receives a SIP request (with an OAuth access token) from a client application (e.g., WebRTC client), the device introspects the token with the OAuth Authorization server (HTTP server). Upon successful introspection, the device allows the client access to the device's resources (e.g., registration and calls) and continues to handle and process the SIP request as usual.
| ➢ | To configure OAuth-based SIP authentication: |
| 1. | Open the Remote Web Services table (Setup menu > IP Network tab > Web Services folder > Remote Web Services), add then configure a Remote Web Service to represent the OAuth Authentication server. |
| 2. | Open the IP Groups table (Setup menu > Signaling & Media tab > Core Identities folder > IP Groups), and then configure the following parameters: |
| ● | 'Authentication Mode': SBC as Server |
| ● | 'Authentication Method List': "register/setup-invite" |
| ● | 'SBC Server Authentication Type': Authenticate with OAuth Server |
| ● | 'OAuth HTTP Service': Assign the Remote Web Service that you configured in Step 1 |
Configuring OAuth-based SIP Authentication
