# Connection and Authorization

TrueConf Server includes the TrueConf Bridge service. This service contains an HTTP and WebSocket server used to implement API functionality for chat operations. The TrueConf Bridge service uses TCP port 4309.

To send API requests (commands), you must first connect to the WebSocket server and authorize the connection using an access token and the auth request.

If you start sending messages over a WebSocket without executing the auth command, any message will receive an error with code 200.

# Supported Accounts

Only user accounts from the current TrueConf server are supported. Authorization through accounts from federated servers or guest accounts is not supported. Accounts are supported in both Registry and LDAP modes.

# Identification token

Identification token is required for authorizing a WebSocket connection. The token is obtained via an HTTP request to the /bridge/api/client/v1/oauth/token endpoint following the OAuth 2.0 (opens new window) standard. Note that the TrueConf Bridge service does not accept HTTPS requests. For information on how to obtain a token using an encrypted connection (HTTPS), see below.

# Token request

To obtain an identification token, execute a POST request:

POST /bridge/api/client/v1/oauth/token HTTP/1.1
Host: localhost:4309
Content-Type: application/json
Content-Length: 114

{
    "client_id": "chat_bot",
    "grant_type": "password",
    "username": "user",
    "password": "qwerty"
}
Parameter Description
client_id Constant string "chat_bot"
grant_type Constant string "password"
username User's login (see here)
password User's password

# Success (201 Created)

If the authorization is successful, the HTTP server will respond with the code 201 Created:

HTTP/1.1 201 Created
Content-Type:application/json
Access-Control-Allow-Origin:*
Date:Mon, 09 Sep 2024 22:42:50 GMT

{
    "access_token": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ",
    "token_type": "JWT",
    "expires_in": 31536000
}
Parameter Description
access_token An identification token used for WebSocket connection authorization.
token_type A constant string "JWT".
expires_in The token's lifespan is one month from issuance. After this period, re-authorization is required.

Read more about the returned structure in the response body (payload) here.

# Error (400 Bad Request)

In case of an authorization error, the HTTP server will respond with a 400 Bad Request code:

HTTP/1.1 400 Bad Request
Content-Type:application/json
Access-Control-Allow-Origin:*
Date: Mon, 09 Sep 2024 22:42:50 GMT

{
"error": "invalid_grant",
"error_description": "Invalid username or password"
}
Parameter Description
error Value from the OAUTH_ERROR enumeration.
error_description Human-readable text of the authorization error.

Read more about the return structure in the response body (payload) here.

# Using HTTPS

HTTP protocol is used for:

  • obtaining an identification token;

  • uploading files to a dedicated storage on the server.

The TrueConf Bridge service does not support the HTTPS protocol. If you need to use HTTPS, requests must be directed to the TrueConf web server implemented by the TrueConf Web Manager service. The TrueConf Web Manager service proxies all HTTPS requests received at the /bridge/api/ endpoint to the TrueConf Bridge service.

Thus, when it is necessary to use the HTTPS protocol, requests can be sent to port 443 or another port, as specified in the control panel of TrueConf Server, after ensuring that the TrueConf Web Manager service is running:

https://video.example.net/bridge/api/client/v1/oauth/token

# WebSocket connection

After obtaining the identification token, you need to establish a connection with the WebSocket server and execute the auth authorization command.

# Connecting to the server

To connect to the server, establish a WebSocket connection at /weboscket/chat_bot/:

From a local machine to the TrueConf Bridge service (port 4309, protocol ws):

ws://localhost:4309/websocket/chat_bot/

Via TrueConf Web (port 443 or another, protocol wss):

wss://video.example.net/websocket/chat_bot/

The server supports the json.v1 subprotocol, which is transmitted in the Sec-WebSocket-Protocol header. If the header is not specified, json.v1 will be used by default.

# Connection Authorization

Request:

{
  "type": 1,
  "id": 1,
  "method": "auth",
  "payload": {
    "token": "someToken",
    "tokenType" : "JWT",
    "receiveUnread": true
  }
}
Parameter Type Req. Description
type uint32 Yes Message type (default is 1). Corresponds to MESSAGE_TYPE.REQUEST
id uint32 Yes Unique request identifier. An incremented value assigned by the sender, mandatory in each request for subsequent binding to the response. More details can be found here
method string Yes Type of command being sent, default is auth
token string Yes Authorization token, obtained via HTTP request
tokenType string Yes Default is JWT
receiveUnread boolean No A parameter that enables the bot to receive unread messages accumulated while it was offline. Messages are returned one by one — from oldest to newest. The maximum number of messages that can be retrieved is 1000. Default value: false.

Answer:

{
  "type": 2,
  "id": 1,
  "payload": {
    "userId": "someTrueConfUserId@someTrueConfServeName/someHash"
  }
}
Parameter Type Required Description
type uint32 Yes Message type (default is 2). Corresponds to MESSAGE_TYPE.RESPONSE
id uint32 Yes Identifier matching the number sent in the original request, used to match the request and response
userId string Yes TrueConf ID of the authorized bot (server user)

In case of an error, a message containing the errorCode parameter is returned. A list of possible values is available in the relevant section of the documentation.