Howto:OpenTalk - 3rd Party Product: Difference between revisions
M.lasarsch (talk | contribs) (Created page with "The following describes how to integrate OpenTalk seamlessly into the Innovaphone myApps/PBX. The PBX must be available in at least version 137781. You also need an existing OpenTalk installation, a description of how to install OpenTalk on premise can be found here: https://gitlab.opencode.de/opentalk/ot-setup === OAuth2 basic settings === Navigate within myApps as follows: '''Devices > PBX > Config > Authentication''' * Select the '''Authentication type''': PBX and O...") |
mNo edit summary |
||
| (8 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
The following describes how to integrate OpenTalk seamlessly into the | <!-- replace CompanyLogo by real logo-name. Do not change size & alignment. Upload image by pressing red link --> | ||
[[Image:OpenTalk_LOGO_1C_SCHWARZ.png||200px|right|alt=OpenTalk|OpenTalk]] | |||
==Product Name== | |||
<!-- Mandatory topic. --> | |||
<!-- replace CompanyName & ProductName by real names and add URL to productpage --> | |||
[https://opentalk.eu OpenTalk] | |||
==Certification Status== | |||
<!-- Do not change this section and do not remove comments. Will be done by innovaphone upon document check --> | |||
<!-- do not remove comment. Will be added by innovaphone upon document check, app availablity in innovaphone-appstore & operational check --> | |||
{{Template:Compat_Status_referral_product_new}} | |||
Testing of this product has been finalized February 2024. | |||
==Category== | |||
<!-- Do not change this section and do not remove comments. Will be done by innovaphone upon document check --> | |||
[[Category:Referral Product|{{PAGENAME}}]] | |||
{{Category:3rdParty_Conferencing_/_Video_Systems}} | |||
[[Category:3rdParty_Conferencing_/_Video_Systems|{{PAGENAME}}]] | |||
==Vendor== | |||
<!-- Mandatory topic. --> | |||
<!-- Give some introducting words about the vendor itself --> | |||
<!-- Place optional company logo. Don't change logo size. --> | |||
[[Image:OpenTalk_LOGO_1C_SCHWARZ.png|200px|alt=OpenTalk|OpenTalk]] | |||
==Description== | |||
<!-- Mandatory topic. --> | |||
<!-- Give description about the product, benefits, other information to mention to understand main product purpose --> | |||
OpenTalk is an open-source video-conferencing solution, both available for on-premise installation and SaaS on [https://register.opentalk.eu/ meet.opentalk.eu]. | |||
==Functions== | |||
<!-- Mandatory topic. --> | |||
<!-- Give functional description about the product. Use formattings if needed --> | |||
* video conferences | |||
* easy and modern web-ui with mobile support | |||
* phone dial-in | |||
* integration into 3rd party products | |||
* voting and polls | |||
* breakout rooms for sub-conferences | |||
==Version== | |||
Product versions used for interop testing: | |||
* [https://gitlab.opencode.de/opentalk/ot-setup OpenTalk Git 1.7.0] | |||
* innovaphone 13r3sr3 (137781) | |||
==Configuration== | |||
The following describes how to integrate OpenTalk seamlessly into the innovaphone myApps/PBX. | |||
The PBX must be available in at least version 137781. | The PBX must be available in at least version 137781. | ||
| Line 7: | Line 55: | ||
Navigate within myApps as follows: '''Devices > PBX > Config > Authentication''' | Navigate within myApps as follows: '''Devices > PBX > Config > Authentication''' | ||
* Select the '''Authentication type''': PBX and OAuth2 | * Select the '''Authentication type''': PBX and OAuth2 | ||
* Set an '''OAuth2 provider name''', e.g: | * Set an '''OAuth2 provider name''', e.g: innovaphone auth. with OpenTalk | ||
* Set the '''OAuth2 domain''', or the URL to your OpenTalk installation: opentalk.yourdomain.com | * Set the '''OAuth2 domain''', or the URL to your OpenTalk installation: opentalk.yourdomain.com | ||
[[File:Innovaphone opentalk 1.png| | [[File:Innovaphone opentalk 1.png|800px|alt=OpenTalk OAuth basic|OpenTalk OAuth basic settings]] | ||
=== Activate and set up OAuth2 === | === Activate and set up OAuth2 === | ||
| Line 29: | Line 77: | ||
'''Tip:''' The '''OpenID known configuration URL''' can be tested by calling it in a browser, if successful a JSON is returned confirming the correct URL for the known configuration. | '''Tip:''' The '''OpenID known configuration URL''' can be tested by calling it in a browser, if successful a JSON is returned confirming the correct URL for the known configuration. | ||
[[File:Innovaphone opentalk 2.png|800px|alt=OpenTalk configuration|OpenTalk configuration]] | |||
=== Verify OAuth2 configuration === | === Verify OAuth2 configuration === | ||
| Line 36: | Line 86: | ||
You have the option to check the configuration from the previous steps independently, if all parameters have been set correctly, the test result should be as follows: | You have the option to check the configuration from the previous steps independently, if all parameters have been set correctly, the test result should be as follows: | ||
[[File:Innovaphone opentalk 3.png| | [[File:Innovaphone opentalk 3.png|800px|alt=OpenTalk verify OAuth|OpenTalk verify OAuth]] | ||
=== | === innovaphone LDAP and Keycloak User Federation === | ||
Navigate within myApps as follows: '''Devices > Services > LDAP > Server''' | Navigate within myApps as follows: '''Devices > Services > LDAP > Server''' | ||
* Set an LDAP user that is used within Keycloak as a service user for LDAP queries | * Set an LDAP user that is used within Keycloak as a service user for LDAP queries | ||
| Line 50: | Line 100: | ||
'''Bind type:''' simple | '''Bind type:''' simple | ||
The other settings and options under '''LDAP searching and updating''' depend heavily on the type of use of the Keycloak LDAP connection, e.g. should the user creation be realized via Keycloak or should everything be managed centrally via | The other settings and options under '''LDAP searching and updating''' depend heavily on the type of use of the Keycloak LDAP connection, e.g. should the user creation be realized via Keycloak or should everything be managed centrally via innovaphone. | ||
This must be decided and set up depending on the use case. | This must be decided and set up depending on the use case. | ||
==Contact== | |||
{| | |||
| OpenTalk GmbH | |||
|- | |||
| Schwedter Str. 9a | |||
|- | |||
| 10119 Berlin | |||
|- | |||
| Web: [https://opentalk.eu opentalk.eu] | |||
|- | |||
| Mail: [mailto:mail@opentalk.eu mail@opentalk.eu] | |||
|} | |||
Latest revision as of 08:15, 21 February 2024
Product Name
Certification Status
This product is listed due to a customer testimonial. No tests have been conducted by innovaphone.
Testing of this product has been finalized February 2024.
Category
IP based conferencing and video systems
Vendor
Description
OpenTalk is an open-source video-conferencing solution, both available for on-premise installation and SaaS on meet.opentalk.eu.
Functions
- video conferences
- easy and modern web-ui with mobile support
- phone dial-in
- integration into 3rd party products
- voting and polls
- breakout rooms for sub-conferences
Version
Product versions used for interop testing:
- OpenTalk Git 1.7.0
- innovaphone 13r3sr3 (137781)
Configuration
The following describes how to integrate OpenTalk seamlessly into the innovaphone myApps/PBX. The PBX must be available in at least version 137781.
You also need an existing OpenTalk installation, a description of how to install OpenTalk on premise can be found here: https://gitlab.opencode.de/opentalk/ot-setup
OAuth2 basic settings
Navigate within myApps as follows: Devices > PBX > Config > Authentication
- Select the Authentication type: PBX and OAuth2
- Set an OAuth2 provider name, e.g: innovaphone auth. with OpenTalk
- Set the OAuth2 domain, or the URL to your OpenTalk installation: opentalk.yourdomain.com
Activate and set up OAuth2
Navigate within myApps as follows Devices > Services > OAuth2 > Config.
- Enable the OAuth2 "Config" with the checkbox Enable: √.
- Set the DNS name of this gateway, for example: pbx.yourdomain.com
- Set the OpenID known configuration URL, for example: https://accounts.opentalk.ihredomain.de/auth/realms/realm-name/.well-known/openid-configuration
- Set the Client ID to the client ID you defined in the keycloak, e.g.: pbxauth
- Set the upn (unique email address): email
The OpenID known configuration URL is always made up of the domain for the keycloak and the realm name. So please replace the above part accounts.opentalk.yourdomain.com with your own keycloak domain. The realm name above is the realm you have configured in Keycloak. If we assume that the Keycloak installation is based on the provided OpenSource installation (https://gitlab.opencode.de/opentalk/ot-setup) and no changes have been made to the realm, the realm name is opentalk.
Tip: The OpenID known configuration URL can be tested by calling it in a browser, if successful a JSON is returned confirming the correct URL for the known configuration.
Verify OAuth2 configuration
Navigate within myApps as follows: Devices > Services > OAuth2 > State
You have the option to check the configuration from the previous steps independently, if all parameters have been set correctly, the test result should be as follows:
innovaphone LDAP and Keycloak User Federation
Navigate within myApps as follows: Devices > Services > LDAP > Server
- Set an LDAP user that is used within Keycloak as a service user for LDAP queries
- Activate the Force TLS option in any case
First select the correct realm in Keycloak, do not edit the master realm in this context. Select "opentalk" or the realm you have created.
Navigate within the Keycloak as follows: User federation > Add new provider > LDAP Connection URL: ldaps://pbx.yourdomain.com:636 Use Truststore SPI: Only for ldaps Bind type: simple
The other settings and options under LDAP searching and updating depend heavily on the type of use of the Keycloak LDAP connection, e.g. should the user creation be realized via Keycloak or should everything be managed centrally via innovaphone.
This must be decided and set up depending on the use case.
Contact
| OpenTalk GmbH |
| Schwedter Str. 9a |
| 10119 Berlin |
| Web: opentalk.eu |
| Mail: mail@opentalk.eu |