Authentication

Set Up and Configuration

All necessary Cisco Extension Mobility service API components are installed with the standard Unified CM installation.

To use the Cisco Extension Mobility service, create a device profile for the user who is logging in and associate it to the target device. Use the following steps to configure Cisco Extension Mobility service:

  • Activate the service. You can do this in Unified CM by selecting the Cisco Unified Serviceability in the navigation bar of the Cisco Unified CM Admin web interface. Next, select the Tools menu and select Service Activation. You will see a list of services. Make sure the Cisco Extension Mobility Interface is checked.

Extension Mobility service checked

  • Create Extension Mobility IP phone service
  • Create a user device profile
  • Assign the user device profile to an end user
  • Optional: Assign an application user to the standard EM authentication proxy rights user group
  • Enable Cisco Extension Mobility and associate the user device profile to the target device
  • Subscribe to Cisco Extension Mobility IP phone service on the target device and the device profile
  • Assign a logout device profile to a target device

Overview

To login and logout end users from devices an application user must be assigned to the Standard EM Authentication Proxy Rights user group. The application user's credentials are passed in the request body.

The end user can also use the Extension Mobility API (EMAPI) to login and logout of their device profiles using their own credentials. End users cannot login or logout other end users from devices. The end user does not need to be in a specific user group. Application users must be in the Application User group.

Service Activation and User/Group management is handled in the CUCM Serviceability and Administration sections of the CUCM admin interface, respectively. Make sure the Extention Mobility services is started.

Security

Cisco recommends that all EMAPI transactions be conducted over a secure session using HTTPS.

Depending on the connection technology used, manually installing a Unified CM self-signed certificate into a local trust store for your application may be needed.