2.5.2 Perform Registration and Authentication


This use case, illustrated in the following diagram, describes how a protocol client registers and authenticates to the protocol server.

Steps for performing registrationRegistration and authentication (2)

Figure 2: Steps for performing registration and authentication (2)



  • The protocol client is connected to the server.


  1. The protocol client sends a REGISTER request to the user’s home server. The request asks the server to provide the following information:

    • A Globally Routable User Agent URI (GRUU), as described in [MS-SIPRE].

    • Acknowledgment of support for Resource lists for enhanced presence, as described in [MS-PRES].

    • Acknowledgment of support for an XML document conforming to the enhanced presence XML schema, as described in [MS-PRES].

    • Acknowledgment of support for the connection keep-alive mechanism described in [MS-CONMGMT].

  2. In response to the protocol client’s REGISTER request, the server requests user authentication and offers the protocol client a choice of using either the Kerberos authentication protocol or the NT LAN Manager (NTLM) Authentication Protocol by sending a SIP authentication (2) challenge, such as a SIP 401 or 407 response, to the protocol client.

  3. The protocol client then sends the appropriate authentication token in another REGISTER request to the server, as described in [MS-SIPAE].

  4. The server verifies the protocol client’s authentication token, as provided by the authentication extensions described in [MS-SIPAE]. The server returns a response to the protocol client that includes the following:

    • The server generates a GRUU for the newly registered endpoint and returns it to the protocol client, as described in [MS-SIPRE] and [MS-SIPREGE].

    • The server can also confirm support for the keep-alive mechanism, provide encrypted proof for the protocol client of the server’s own authenticity, and offer a way to verify that the protocol client and server are in synch for user presence, as described in [MS-SIPREGE].


  • The protocol client is now authenticated and registered with the server.