https://<WebAdmin>/api
Applications access the Public API through the TOWS, using the existing WebAdmin IP address or FQDN.
HTTP Basic Authentication is used for all requests. Every REST request and WebSocket connection must be authenticated individually (no sessions).
Authorization: Basic <base64(username:password)>
The username must indicate the user's tenant and extension. The password is the user's PIN.
| Format | Example |
|---|---|
<ext>@<tenant ID> |
3266@315100001 |
<ext>@<tenant ID>.ID |
[email protected] |
<ext>@<tenant DID>.DID |
[email protected] |
<ext>@<tenant web login URL>.URI |
[email protected] |
The domain type suffix (.ID, .DID, .URI) must be uppercase.
Disabled users and users of inactive tenants are not permitted to use the API.
Authorization is per request based on user authority:
| Auth Header Contains | Authority Level |
|---|---|
<ext>@<tenant ID> where extension is a TenantAdmin User |
Tenant Admin Call Control User |
<ext>@<tenant ID> where extension is a non-admin User |
Non-admin Call Control User |
| Parameter | Value |
|---|---|
maxIdleTimeout |
3,600,000 ms (1 hour) |
maxConnectionCount |
4,000 total public WebSocket connections |
maxConnectionPerClient |
1 concurrent thread per user+IP |
blockAfterFailedLoginCount |
3 failed attempts |
blockFailedLoginWithin |
1,800,000 ms (30 minutes) |
blockPeriod |
3,600,000 ms (1 hour) |
| Parameter | Value |
|---|---|
maxThreads |
100 concurrent requests from all clients |
maxConnectionPerClient |
3 concurrent threads per user+IP |
busyDelay |
3,000 ms (returns 503 if exceeded) |
blockAfterFailedLoginCount |
3 failed attempts |
blockFailedLoginWithin |
1,800,000 ms (30 minutes) |
blockPeriod |
3,600,000 ms (1 hour) |