Skip to main content
Skip table of contents

How do I authenticate when setting up calls through a CM SIP Trunk?

Goal

Describe the possible authentication options supported by the CM Voice platform.

Product

  • Voice

Steps

The general authentication flow look like this.

  • An User Agent Client (UAC) sends a SIP message to an User Agent Server (UAS)
  • The UAS responds back with a 401 challenge response in case of SIP REGISTER or a 407 Authenication Required in case of a SIP INVITE sent without using SIP REGISTER
  • An UAC uses data in the 4xx challenge response to encrypt his or her identity credentials (e.g. telephone password)
  • The UAC resends the SIP message with the encrypted credentials.

The CM Voice platform supports three authentication options.

  1. SIP REGISTER

    Authentication flow schematic:


  1. The CONTACT and FROM headers must contain the account username in the ‘user’ part of the SIP REGISTER message.

  • SIP INVITE incl. DIGEST Authentication (username + password)
  1. Resulting in a SIP 407 Digest Authentication required challenge

    Authentication flow schematic:


  • IP based authentication/Trusted IP

    This will be only offered as last resort solution. Please contact voice.support@cm.com or your account manager we offer the possibility of IP based authentication. This is ONLY possible for a single SIP account using the same SIP IP endpoint. An IP endpoint set to trusted cannot be used for another SIP account.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.