Reputation: 159
how to authenticate users on ejabberd using an access token
I have a running application that has the phone number as identifier and users are granted access token to access other apis if they verify their accounts. I don't have passwords.
to explain it more : the client verifies the phone number throw a code sent to the phone number , if verified then the client is granted an access token that can be used to call other apis of the application
Now Im adding chat feature to the application and I setup an xmpp server (ejabberd) . how can I configure ejabberd to authenticate users through this access token? I have configured ejabberd to work with sql
Upvotes: 3
Views: 1713
Answers (1)
Reputation: 18346
At Ejabberd side you can enable external auth script
- https://docs.ejabberd.im/admin/configuration/#authentication
- https://docs.ejabberd.im/admin/configuration/#external-script
So Ejabberd will receive your token, verifies it (it goes to your Phone Auth service API to just verify it) and then returns true/false if it's valid hence authenticate your user or not
This is a pretty common solution for your issue
Upvotes: 2
Related Questions
- Ejabberd limit User Registration privilege
- Cannot connect to Ejabberd: user is not authorized
- Ejabberd Oauth: Access denied
- ejabberd API invite to MUC room
- oauth2 authentication support in ejabberd
- Ejabberd OAuth / REST 401 Unauthorized
- How to create XMPP(ejabberd) users using XMPPHP client
- How to configure ejabberd rest api?
- External authentication in ejabberd using java
- Ejabberd - Exauth authentication works but user showing Not Authoried to each other in pidgin