About Device Authentication
Device authentication is the verification of the credentials of an incoming request to the Expressway from a device or external system. It is used so that certain functionality may be reserved for known and trusted users.
Mobile and Remote Access devices
You do not have to make any explicit configuration on the Expressway regarding the authentication of devices that are registering to Unified CM via the Expressway. If the Expressway is the authenticating agent for these devices (compared to an external IdP), then it automatically handles the authentication of these devices against their home Unified CM clusters.
Rich media sessions
Devices communicating with the Expressway that are participating in rich media sessions are subject to the Expressway's configurable authentication policy.
When device authentication is enabled, any device that attempts to communicate with the Expressway is challenged to present its credentials (typically based on a username and password). The Expressway will then verify those credentials against its local authentication database.
Expressway authentication policy can be configured separately for each zone. This means that both authenticated and unauthenticated devices could be allowed to communicate with the same Expressway if required. Subsequent call routing decisions can then be configured with different rules based upon whether a device is authenticated or not.