In the context of this article, guests or external users are chat participants authenticated on an external server. Do not confuse them with guests in a webinar (public conference).<\/p>\n<\/div>\n
This will enable your users to:<\/p>\n
- \n
- Invite external participants to internal (corporate) chats;<\/li>\n
- Safely receive and send files in chats with external users;<\/li>\n
- Call external users and invite them to conferences.<\/li>\n<\/ul>\n
Use of federation<\/h2>\n
Federation<\/b> mode<\/a> enables you to configure the connection of external users from other TrueConf Servers. To use this method, you will need to deploy an additional TrueConf Server and set up federation on both servers. To achieve maximum security, we recommended running the second TrueConf Server in the DMZ (demilitarized zone of your network). The picture below shows how this method will work:<\/p>\n
![\"\"](\"https:\/\/trueconf.com\/blog\/wp-content\/uploads\/2025\/09\/2_en-690x131.jpg\" "\\"\\"")
<\/a><\/p>\nAn alternative solution is to deploy the second “guest” TrueConf Server in a cloud (VPS) on rented machines from any suitable provider. Federation will need to be configured between your server and the guest server. This method will work in the following way:<\/p>\n
![\"\"](\"https:\/\/trueconf.com\/blog\/wp-content\/uploads\/2025\/09\/1_en-690x136.jpg\" "\\"\\"")
<\/a><\/p>\nWhichever option is chosen, the corporate server will work in the usual manner. Access permissions for external users are controlled on the \u201cguest\u201d server by creating full accounts. On the guest server, you will need to configure the federation mode, user accounts, and the address book of guest users.<\/p>\n
To configure the corporate server, just set up the federation mode and address book for corporate users.<\/p>\n
Step 1. Configuration of federation on the corporate server<\/h2>\n
To set up federation on the corporate server, take the following steps:<\/p>\n
- \n
- Select the federation mode Allowed for whitelisted servers<\/b> in the drop-down list.<\/li>\n
- Click the Add<\/b> button to include the domain name of the external server in the white list.<\/li>\n
- Click the Apply<\/b> button to restart the corporate server and save changes.<\/li>\n<\/ul>\n
The full guide on federation is provided in this documentation section<\/a>.<\/p>\n
Step 2. Configuration of federation on the guest server<\/h2>\n
Federation for the guest server can be configured in the same way as for the corporate server (refer to the description above<\/a>).<\/p>\n
Step 3. Creating accounts for external users<\/h2>\n
Finally, you need to create accounts for guest server users. Switch to Registry<\/b><\/a> data storage mode. In this mode. data is stored locally on the server. This approach will allow you to conveniently edit accounts and permissions for user groups. <\/p>\n
Next, create accounts for guest users, and ,if needed, create separate groups for them and configure permissions.<\/p>\n
When accounts are created, users will be able to log in to the guest server with the login and password. You can share the login information with the users in any convenient way.<\/p>\n
Step 4. Configuration of users\u2019 address book on the corporate server<\/h2>\n
To make sure that users on your server and external users can see each other in the contact list, you will need to configure their address book.<\/p>\n
TrueConf Server does not allow administrators to add the entire group of federated users to the address book. The thing is that there can be many federated servers, and it is necessary to flexibly configure the visibility of users in the address book independently of each other. So, we will show how to link users from two servers.<\/p>\n
Let us suppose that the main server is hosted at
corp_server.com<\/code>. As shown above, deploy the second server for guest users, for exampleguest_server.com<\/code>. Create user accounts in Registry<\/b> mode<\/a> on the second server, and then configure the address book on both servers.<\/p>\nSuppose that certain groups on the corporate server
corp_server.com<\/code> will interact with guest users of the serverguest_server.com<\/code>, e.g., Sales<\/b>, Operators<\/b>, and Technical Support<\/b>. It is necessary to add the guest server users to the address book of these groups.<\/p>\nTo do it, on the server
corp_server.com<\/code>, click on Groups<\/b> in the sidebar, click Customize<\/b> in the Address Book<\/b> column of the Operators<\/b> group, and add a user in the Group address book<\/b> section.<\/p>\nEnter the full TrueConf ID<\/b> of the guest user, for example,
moore@guest_server.com<\/code>, and this person\u2019s display name. For the sake of convenience, we recommend adding a note which would indicate that this user is from a different server, for example,Albert Moore (Guest)<\/code> orAlbert Moore (guest_server.com)<\/code>. Continue adding other users in this manner, and repeat the process for the Sales<\/b> and Technical Support<\/b> groups.<\/p>\n![\"\"](\"https:\/\/trueconf.com\/blog\/wp-content\/uploads\/2025\/09\/snimok-ekrana-2025-09-12-123330-632x470.png\" "\\"\\"")
<\/a><\/p>\nStep 5. Configuration of address book for guest server users<\/h2>\n
To make sure that guest server users can contact corporate server users on their own, you should set up their address book in the same way as for corporate users<\/a>.<\/p>\n
For example, on the external server
guest_server.com<\/code>, click on Groups<\/b> in the side menu. Next click Customize<\/b> in the Address Book<\/b> column of Users without a group<\/b> (by default, all created users can be found here), and add a user in the Group address book<\/b> section.<\/p>\nEnter the full TrueConf ID<\/b> of the corporate user, for example,
wolf@corp_server.com<\/code>, and his\/her display name. For the sake of convenience, we recommend adding a note indicating affiliation with another server, such asJames Wolf (Corp.)<\/code> orJames Wolf (corp_server.com)<\/code>. Add other users in the same way.<\/p>\nHow to authenticate as a guest user<\/h2>\n
To connect to the server, external users have to take these steps:<\/p>\n
- \n
- When the application is launched for the first time, click the Sign In<\/b> button in the pop-up window.<\/li>\n
- In the opened window, select the Corporate user account<\/b>. option in order to authenticate on the guest server with the account created previously.<\/li>\n
- Next, click the button Enter server address manually<\/b>.<\/li>\n
- Enter the server address which can be obtained from the administrator.<\/li>\n
- Specify your TrueConf ID<\/b> (login) and click Next<\/b>.<\/li>\n
- On the next window, enter the account password (we recommend checking the box Remember Password<\/b>) and click Next<\/b>.<\/li>\n<\/ul>\n
For more details on authentication, guest server users should refer to the application documentation<\/a>.<\/p>\n
What features can be enabled for external users?<\/h2>\n
The administrator of the corporate server can configure the permissions of external users by editing the rights for the Federated Users group. It is possible to configure the rights for the following actions: <\/p>\n
- \n
- Edit the address book;<\/li>\n
- Create group conferences;<\/li>\n
- Share content;<\/li>\n
- Show slides;<\/li>\n
- Send files to chats;<\/li>\n
- Download files in chats;<\/li>\n
- Record conferences in a client application;<\/li>\n
- Send a request for the remote control of a meeting participant\u2019s desktop;<\/li>\n
- Allow control of one’s own desktop;<\/li>\n
- Operator rights.<\/li>\n<\/ul>\n
Here, you can flexibly configure permissions for external users; for example, you may disable the right to send files to the chat due to security reasons; however, you can allow them to download files sent by the users of the corporate server. <\/p>\n
To edit permissions, go to the control panel of the main (corporate) server, and click on Groups<\/b> in the side menu. Find the Federated Users<\/b> group in the table and use the toggles to enable or disable features for this user group. <\/p>\n
Additionally, you can select what kind of data about the users of your server should be visible to federated users. To do it, go to the Users \u2192 Settings<\/b> in the side menu. In the Display Fields<\/b> area, you can use toggle switches to specify which data is displayed for federated (external) users.<\/p>\n
How to protect the corporate server from external users?<\/h2>\n
When federation is set up, the administrator should use the following settings to configure the server according to corporate security policy:<\/p>\n
- \n
- Visibility of corporate users in the address book<\/a> for federated users;<\/li>\n
- Restriction of access rights for the Federated Users<\/b> group<\/a>;<\/li>\n
- Integration with a Data Loss Prevention (DLP) system to keep corporate information safe and control data exchange. Refer to the documentation<\/a> for more details.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"
\u0421orporate messengers are widely used in various companies, and in some cases, it is critical to connect external users, e.g., contractors and partners, to the corporate chat. To minimize the risk of information leakage, let us discuss secure ways of connecting external users to the chats. TrueConf Server is well-equipped to handle this task since […]<\/p>\n","protected":false},"author":73,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[260],"tags":[186],"class_list":["post-38501","post","type-post","status-publish","format-standard","hentry","category-knowledge-base","tag-administration","wpautop"],"_links":{"self":[{"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/posts\/38501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/users\/73"}],"replies":[{"embeddable":true,"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/comments?post=38501"}],"version-history":[{"count":6,"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/posts\/38501\/revisions"}],"predecessor-version":[{"id":38544,"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/posts\/38501\/revisions\/38544"}],"wp:attachment":[{"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/media?parent=38501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/categories?post=38501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/trueconf.com/blog\/wp-json\/wp\/v2\/tags?post=38501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
- Restriction of access rights for the Federated Users<\/b> group<\/a>;<\/li>\n
- Visibility of corporate users in the address book<\/a> for federated users;<\/li>\n
- In the opened window, select the Corporate user account<\/b>. option in order to authenticate on the guest server with the account created previously.<\/li>\n
- Click the Add<\/b> button to include the domain name of the external server in the white list.<\/li>\n
- Select the federation mode Allowed for whitelisted servers<\/b> in the drop-down list.<\/li>\n