Domains

Domains, routing and user visibility

The domain is the main framework or container of the users. Any user needs to be assigned to a domain.

Domains are nested in parent-child relationship, starting from a domain named by default as “quobis”. This is the top-level domain and cannot be changed, renamed or removed. In addition, the “quobis” domain is the default one when no domain is given when mapping users to domains. Every domain need to have one and only one parent domain, in a nested parent-child relationship as shown belown:

- quobis (top-level and default domain)
     |___ anonymous (only since v5.0.0)
     |___ domain1
     |___ domain2
             |___ domain3
             |___ domain4
     |___ domain5
             |___ domain6
                     |___  domain7
                     |___  domain8

Since version v5.0.0, there is also a domain named “anonymous” that is automatically created by default and that cannot be edited or removed. All anonymous users are mapped into this domain, which is a “child” of the main “quobis” domain.

The users of a domain have all the other users of the domain accessible to reach for presence and other information. Users from other domains are still reachable (you can dial and call them, using the username@domain unique identifier), but not directly accessible as other users from your own domain.

Any request on your application that involves an username without specifing the domain will result on the resolution along your own domain. For example, in the case that there are two users on the system, namely bob@quobis and bob@acme, if you as user of the quobis domain (alice@quobis) try to call bob, it will be resolved as bob@quobis. You always have the option to call “the other Bob” if you dial directly to bob@acme.

Listing domains

An administrator user can retrieve the list of the domains on the system and their properties;

GET https://wac:8001/sapi/domains HTTP/1.1
Authorization: Bearer ec3fe973ea047b6fd38228eb9f9b9661cbb5b0fdeac01ff13af1ee
Content-Type: application/json

[
    {
        "id": "57877673e8f15d3472817349",
        "parent": null,
        "domain": "quobis",
        "origins": [null],
        "enableAnonymous": false,
        "anonymousExpiration": 0,
        "anonymousCapabilities": [],
        "services": {
            "callalarms": [],
            "callcontrol": [],
            "chat": [],
            "contacts": [
                "wac",
                "static"
            ],
            "datapipe": [],
            "filetransfer": [],
            "forms": [],
            "im": [],
            "ldap": [],
            "login": [],
            "meetings": [],
            "oauth2client": [],
            "presence": [],
            "remotelog": [],
            "usersettings": ["wac"]
        }
    }
]

Where the following fields can be found:

Domain values

Parameter

Value

id

UUID of the domain. To be used for other API operations.

parent

This field will indicate the parent domain. Parent domain limitations will be extended to the the child domain.

domain

Name of the domain

origins

Used to map the domain specified on the username login body request with the anonymous credential assigned.

enableAnonymous

Anonymous login enabling option.

anonymousExpiration

Time in milliseconds anonymous users are allowed to perform operations on the system before they will be requested to refresh the authentication.

anonymousCapabilities

List of capabilities of the anonymous users for this domain. Check Users capabilities to expand information about this topic.

services

List of services available on the system. Some ones will include extra details in order to define the backends included on it.

Getting details about an specific domain

Once you get the UUID of the domain, you can retrieve the details of your domain. The READ access to the user’s domain details is granted for all users of the domain.

GET https://wac:8001/sapi/domains/57877673e8f15d3472817349 HTTP/1.1
Authorization: Bearer ec3fe973ea047b6fd38228eb9f9b9661cbb5b0fdeac01ff13af1ee
Content-Type: application/json

Creating a domain

On multi-tenant environments or based on the specific business needs, it is recommened to have separated domains for different sets of users. This can be easily managed using the REST API to create the desired domains for the system.

POST https://wac:8001/sapi/domains HTTP/1.1
Authorization: Bearer ec3fe973ea047b6fd38228eb9f9b9661cbb5b0fdeac01ff13af1ee
Content-Type: application/json

{
    "domain": "demo.quobis.com",
    "parent": "quobis",
    "origins": ["demo.quobis.*"],
    "enableAnonymous": true,
    "services": {
        "login": [],
        "presence": [],
        "callcontrol": [],
        "contacts": ["wac", "static"]
    }
}

The previous example will create a new domain on the system that enables anonymous access and limit the services available to these users to the specified ones.

As you can understand it is specially interesting on use cases where anonymous users are involved. But also allows to create several domains where the users are not visible between them.

Update a domain

Typical use cases to update a domain is to grant a new service, remove it or to assign a new domain for the anonymous REFERRER header.

On this case, just use the PUT command with the UUID of the domain.

PUT https://wac:8001/sapi/domains/578895afe8f15d347281734f HTTP/1.1
Authorization: Bearer ec3fe973ea047b6fd38228eb9f9b9661cbb5b0fdeac01ff13af1ee
Content-Type: application/json

{
    "domain": "demo.quobis.com",
    "parent": "quobis",
    "origins": ["demo.quobis.com", "showcase.quobis.com"],
    "enableAnonymous": false,
    "services": {
        "login": [],
        "presence": [],
        "callcontrol": [],
        "contacts": ["wac", "static"]
    }
}