SIP OAuth Mode Overview
Secure registrations to Unified Communications Manager involves a process of updating CTL files, setting up a mutual certificate trust store and so on. If a Cisco Jabber device is switching between on-premises and off-premises, it is difficult to update LSCs and renew Certificate Authority Proxy Function (CAPF) enrollment each time when a secure registration is completed.
SIP OAuth mode allows you to use OAuth refresh tokens for Cisco Jabber authentication in secure environments. Supporting OAuth on the Unified Communications Manager SIP line allows secure signalling and media without CAPF. OAuth token validation during SIP registration is completed when OAuth based authorization is enabled on Unified Communication Manager cluster and Cisco Jabber endpoints.
OAuth support for SIP registrations is extended only for Cisco Jabber devices from Cisco Unified Communications Manager 12.5 release onwards.
The following are the Phone Security Profile Types that can be configured for OAuth. Currently, this is supported only for Cisco Jabber.
-
Cisco Dual Mode For iPhone (TCT device)
-
Cisco Dual Mode For Android (BOT device)
-
Cisco Unified Client Service Framework (CSF device)
-
Cisco Jabber for Tablet (TAB device)
-
Universal Device Template