We have API fro web and mobile application. authentication is with oAuth2, now we need to add sip functionality to application an I am wondering if its possible to not store user passwords on client side and send to asterisk only access token of logged in user. asterisk will in background send request to our API and our api will response user is valid or not. this scheme works fine with ejabberd server but I cannot find anything like this in asterist.
Asked
Active
Viewed 889 times
1 Answers
0
Sip standart support only md5sum authentification and password.
However if you are developing both part(client and server) you are free to rewrite authentification function. Asterisk is opensource soft, it alow that(c/c++ coding required).
Without C such functionality can be done on kamailio/opensips.
You also can allow guest calls on asterisk and do auth in dialplan, using any method including func_CURL.
arheops
- 15,544
- 1
- 21
- 27