Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unauthorized API calls #141

Open
DaSpors opened this issue Oct 10, 2019 · 0 comments
Open

Unauthorized API calls #141

DaSpors opened this issue Oct 10, 2019 · 0 comments

Comments

@DaSpors
Copy link

DaSpors commented Oct 10, 2019

We use the sipgate REST API to setup sipgate.io URLs for our application as documented here:
https://api.sipgate.com/v2/doc#/settings/setSipgateIoUrls

Everythig is fine until the customer deletes his account on our side. We then drop all customer-related data but are still receiving calls from the sipgate.io system. Those calls are token-secured but the tokens do not exist anymore. The API-Calls are unauthenticated and we send a "403 Forbidden" header back, but this does not stop sipgate.io from polling on and on.

So feature request: React on some HTTP headers by stopping or allow an XML response to the "newCall" event that will make sipgate.io remove the URLs and stops calling our API.

Sample 1: Stop and remove config on sipgate.io side)

<?xml version="1.0" encoding="UTF-8"?>
<Response>
    <Unauthorized action="stop"/>
</Response>

Sample 2: Pause for some minutes/hours/days/calls

<?xml version="1.0" encoding="UTF-8"?>
<Response>
    <Unauthorized action="pause" value="1" unit="minute|hour|day|calls|..."/>
</Response>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DaSpors