From Kosmos Wiki
Revision as of 17:09, 14 February 2020 by Greg (talk | contribs) (Add section about SASL being disabled once we switch to auth using LDAP)
Jump to navigation Jump to search

What is XMPP?

XMPP is an open standard for instant messages as well as voice and video chat. With XMPP, you can send and receive messages between users on thousands of different chat providers.

How to connect

Usually, you only need your user address and password to configure your chat application.

Your user address is


For advanced users and/or troubleshooting:

C2S port
5222 (StartTLS), 5223 (TLS)
S2S port
Bosh URL
In-band Registration



We are going to switch over the accounts to use LDAP. This has no happened yet, you will receive an email when that happens with a unique generated password and instructions to change it.

The LDAP implementation in ejabberd doesn't support SASL authentication.

You can authenticate users against an LDAP directory. Note that current LDAP implementation does not support SASL authentication.[1]:

The implication is that the user does not send a salted & hashed password to ejabberd, so the ejabberd process has access to a user's password and sends it over to the LDAP server to authenticate. This is considered PLAIN auth, even when both the XMPP c2s connection and the LDAP connect using TLS

There is an RFC, "Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted Challenge Response Authentication Mechanism (SCRAM) Secrets"[2]).


Some clients will display a warning because they detect that the auth used to be done with SASL, but not any longer. The most common one is Conversations, the Android client, so we are including instructions for it.

How to accept the warning in Conversations

In Conversations you can accept the warning by pressing "Accept" in the account details, that appears where the "Save" button is normally. [3]

Multi-user Chat (MUC)

The server is host to a variety of chat rooms. The server's MUC domain is Thus, room addresses look like Only local users (with a address) are currently allowed to create chat rooms on

Come talk to us in!

Tor hidden service

You can connect to the XMPP server directly from the Tor network. The configuration is the same as for clearnet, except for the server to connect to: