Service Installation
      Back to home
      1. ThinkTel Help Centre
      2. SIP Trunking
      3. Service Installation

      How does ThinkTel SIP authentication work?

      Be advised that SIP authentication cannot be disabled. If your PBX is not compatible, please reach out to our Sales Engineering team for further instructions. 


      Very few PBX systems can't authenticate nowadays and as security is always an issue, we will only turn authentication off if there are no other options. We can turn it off briefly for testing purposes but must be enabled within the end of regular business hours.

      The below PBX's have been confirmed by our engineers as non-compatible and are approved to have SIP authentication disabled.
      • Right Fax 
      • FaxBack 
      • FaxCore(Version EV5) 
      • Nextone SBC 
      • AVAYA IP OFFICE 9.0 - Metaswitch

      PBX's that were previously not able to use SIP Authentication but are now proven compatible by our sales engineers. Please follow the below links to find out how to get your PBX to authenticate with Thinktel.


      Sonus 5200NBS SBC's (Session Border Controller) have been confirmed by our engineers as non-compatible and are approved to have SIP authentication disabled.

      SIP Authentication: Used for all VoIP lines

      We authenticate against your username (Directory Number), Realm (Proxy) and SIP password for all SIP requests that require authorization (INVITE, UPDATE, BYE, etc).

      When we receive an invite(call) we expect to see an authentication digest, with your username, proxy(realm) and password.
      Authorization: Digest username="7805551234",realm="edm.trk.tprm.ca",nonce="d899a43f8399",uri="sip:5875551234@edm.trk.tprm.ca"

      If a digest is not sent or has the wrong information, we will return a SIP 401 unauthorized.
      We then expect a new invite with the correct authentication digest.
      If we don't get a reINVITE with valid SIP authentication the call will not terminate.

      SIP password requirements:
      Must be at least 10 characters long.
      Must contain at least 1 upper case character
      Must contain at least 1 lower case character
      Must contain at least 1 digit [0-9]

      For further information on authentication please refer to these RFC articles.

      IP Authentication: Used for SIP Trunking.

      We authenticate against your configured IP binding for your Pilot. We confirm against our ACL (Access Control List).

      Your VIA and Contact header must contain your contact IP address and port.

      • When we receive an invite(call) we expect the call to come from your configured SIP binding (The IP).
      • So, if a call comes in from another IP, we will return a SIP 403 forbidden and the call will not terminate.

      We hope this info was a help. If you have any problems or questions, please let us know.
      You can open a support ticket or contact us atphone-icon-blue 1-888-852-2381 for additional assistance.