Hosting.IM, the leading Cloud-based Instant Messaging service by ProcessOne, has extended further its user management integration features for larger companies. Please read about this new service below.
A common feature requested by many hosted.IM customers is the ability to authenticate users according to a pre-existent company database. Since then, we have implemented the possibility to authenticate against your POP3 or IMAP server. However it requires that your instant messaging domain name matches the domain from your e-mail addresses.
Several companies already have an intranet authentication backend, like LDAP, Active Directory or an Ad-Hoc database. On the other hand our experience with large sized companies is that is not a good idea to expose LDAP or Active Directory to the internet.
To overcome this problematic scenario we have added a new authentication method, which consists on delegating the authentication to an external REST API, acting as a façade to your own intranet database.
The behaviour expected by hosted.IM is fairly straightforward. Your API must answer a GET query with details about the user that is trying to authenticate to your IM domain with ‘true’ or ‘false’ depending on whether the user is authorized or not.
In the image below we see how mydomain.com administrator sets https://mydomain.com/auth as the REST URL and clicks on the highlighted Verify your service link to ensure hosted.IM is able to contact it:
The next step would be to click on the ‘Switch’ button and that’s all!. Now hosted.IM will authenticate users against your company data source.
Below is the specification of the authorization API:
| URL | Configured on hosted.IM user administration form. Could be HTTPS (recommended) or HTTP | |
| Method | GET | |
| Parameters | username | Username part of the user ID to be validated |
| password | Password sent by the user to be validated | |
| domain | Domain part of the user ID to be validated | |
| secret | Arbitrary string defined on hosted.IM user administration form | |
| Expected reply | Code | 200 OK |
| Content-type | application/json | |
| Body | true if authorized; otherwise false | |
| Error | Code | Any HTTP code, according to the error type. It will deny user access. |
This release also includes other improvements suggested by our users. It contains also bug fixes.
As we continue improving daily our service, we will greatly welcome your feedback. There is already much more to come soon. Thank you!
Links:
