Thanks for your feedback.
Configure call push notifications for Webex BroadWorks
Feedback?In this document we use the term Call Notifications Push Server (CNPS) to describe an XSP-hosted, or ADP-hosted application that runs in your environment. Your CNPS works with your BroadWorks system to be aware of incoming calls to your users, and pushes notifications of those to the Google Firebase Cloud Messaging (FCM) or Apple Push Notification service (APNs) notification services.
Those services notify the mobile devices of Webex for Cisco BroadWorks subscribers that they have incoming calls on Webex.
For more information about NPS, see the Notification Push Server Feature Description.
A similar mechanism in Webex works with Webex messaging and presence services to push notifications to the Google (FCM) or Apple (APNS) notification services. Those services in turn notify the mobile Webex users of incoming messages or presence changes.
This section describes how to configure NPS for authentication proxy when the NPS doesn’t already support other apps. If you need to migrate a shared NPS to use NPS proxy, see Updating Cisco BroadWorks NPS to Use NPS Proxy.
NPS Proxy Overview
For compatibility with Webex for Cisco BroadWorks, your CNPS must be patched to support the NPS Proxy feature, Push Server for VoIP in UCaaS.
The feature implements a new design in the Notification Push Server to resolve the security vulnerability of sharing push notification certificate private keys with service providers for mobile clients. Instead of sharing push notification certificates and keys with the service provider, the NPS uses a new API to obtain a short-lived push notification token from Webex for Cisco BroadWorks backend, and uses this token for authentication with the Apple APNs and Google FCM services.
The feature also enhances the capability of the Notification Push Server to push notifications to Android devices through the new Google Firebase Cloud Messaging (FCM) HTTPv1 API.
-
For more information, see the Push Server for VoIP in UCaaS Feature Description.
-
The BroadWorks patches for the feature are available on: https://software.cisco.com/download/home/286326302/type/286326345/release/RI.2022.04.
For NPS software and patches, see the section Prepare Your NPS for Webex for Cisco BroadWorks.
Search and download the patch from the software download page.
-
More information on the ADP server can be found at Cisco BroadWorks Application Delivery Platform.
APNS Considerations
Apple will no longer support the HTTP/1-based binary protocol on the Apple Push Notification service after March 31, 2021. We recommend that you configure your XSP|ADP to use the HTTP/2-based interface for APNs. This update requires that your XSP|ADP hosting the NPS be running R22 or later.
Prepare Your NPS for Webex for Cisco BroadWorks
| 1 |
Install and configure a dedicated XSP (minimum version R22), or Application Delivery Platform (ADP). |
| 2 |
Install the NPS Authentication Proxy patches: XSP R22 patches: XSP R23 patches: |
| 3 |
Activate the Notification Push Server application. |
| 4 |
(For Android notifications) Enable the FCM v1 API on the NPS.
|
| 5 |
(For Apple iOS notifications) Enable HTTP/2 on the NPS.
This is exclusive to Release 22 and earlier versions; it is not available in Release 23 and above versions, which only support HTTP/2. |
| 6 |
Attach a techsupport from the NPS XSP/ADP. |
| 7 |
On each AS server, the namedefs file in Example: _pushnotification-client._tcp.qaxsps.broadsoft.com SRV 20 20 443 qa149.vle.broadsoft.com qa149.vle.broadsoft.com IN A 10.193.78.149 Once set, one of the following is required to pickup the changes:
|
What to do next
For fresh installs of an NPS, go to Configure NPS to use authentication proxy
To migrate an existing Android deployment to FCMv1, go to Migrate NPS to FCMv1
Configure NPS to use authentication proxy
This task applies to a new installation of NPS, dedicated to Webex for Cisco BroadWorks.
If you want to configure the authentication proxy on an NPS that is shared with other mobile apps, see Updating Cisco BroadWorks NPS to Use NPS Proxy.
| 1 |
Obtaining OAuth credentials for your Webex for Cisco BroadWorks. | |||||||||||||||||||
| 2 |
Create the client account on the NPS:
To verify the values you entered match with what you were given, run
The CiscoCI issuerUrl should ALWAYS be US CI cluster irrespective of your location and the default should be: | |||||||||||||||||||
| 3 |
Enter the NPS Proxy URL, and set the token refresh interval (30 minutes recommended):
To enhance the DNS resolution speed, instead of the current FQDN nps.uc-one.broadsoft.com we recommend you to use the appropriate FQDN based on your region. Region-based FQDNs: US East:
US West:
Europe:
If push notifications time out due to a delay in DNS resolution, increase the timeout value in the "/etc/resolv.conf" file on the BroadWorks server. | |||||||||||||||||||
| 4 |
(For Android notifications) Add the Android application ID to the FCM applications context on the NPS.
| |||||||||||||||||||
| 5 |
(For Apple iOS notifications) Add the application ID to the APNS applications context, making sure to omit the Auth key – set it to empty.
| |||||||||||||||||||
| 6 |
Configure the following NPS URLs:
| |||||||||||||||||||
| 7 |
Configure the following NPS connection parameters to the recommended values shown:
| |||||||||||||||||||
| 8 |
Check if the Application Server is screening application IDs, because you may need to add the Webex apps to the allow list: | |||||||||||||||||||
| 9 |
Restart the XSP|ADP: | |||||||||||||||||||
| 10 |
Test call notifications by making calls from a BroadWorks subscriber to two Webex mobile users. Verify that the call notification appears on iOS and Android devices. |
Migrate NPS to FCMv1
This topic contains optional procedures that you can use in Google FCM Console when you have an existing NPS deployment that you need to migrate to FCMv1. There are three procedures:
-
Migrate UC-One clients to FCMv1—When you have existing UCaaS clients and need to migrate them to use FCMv1.
-
Migrate SaaS Clients to FCMv1—When you have existing SaaS clients and need to migrate them to use FCMv1.
-
Update ADP Server—When you are migrating the NPS to an ADP server.
Migrate UC-One Clients to FCMv1
Use the below steps in Google FCM Console to migrate UC-One clients to Google FCM HTTPv1.
If branding is applied to the client, the client must have the Sender ID. In the FCM Console, see . The setting appears in the Project credentials table.
For details, see the Connect Mobile Branding Guide at https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/UC-One/UC-One-Collaborate/Connect/Mobile/IandO/ConnectBrandingGuideMobile-R3_8_3.pdf?. Refer to the gcm_defaultSenderId parameter, which is located in the Branding Kit, Resource folder, branding.xml file with the below syntax:
<string name="gcm_defaultSenderId">xxxxxxxxxxxxx</string>
-
Log into FCM Admin SDK at http://console.firebase.google.com.
-
Select the appropriate Android application.
-
In the General tab, record the project ID
-
Navigate to the service accounts tab to configure a service account. You can create a new service account or configure an existing one.
To create a new Service Account:
-
Click the blue button for create new service account
-
Click on the blue button to generate a new private key
-
Download key to a secure location
To reuse an existing service account:
-
Click on the blue text to view existing service accounts.
-
Identify the service account to use. Service account needs permission firebaseadmin-sdk.
-
On the very right, click the hamburger menu and create a new private key.
-
Download the json file that contains the key and save to a secure location.
-
-
Copy the json file onto the XSP|ADP.
-
Configure the project ID and :
XSP|ADP_CLI/Applications/NotificationPushServer/FCM/Projects> add <project id> <path/to/json-key-file> ...Done XSP|ADP_CLI/Applications/NotificationPushServer/FCM/Projects> get Project ID Accountkey ======================== my_project ******** -
Configure the application:
XSP|ADP_CLI/Applications/NotificationPushServer/FCM/Applications> add <app id> projectId <project id> ...Done XSP|ADP_CLI/Applications/NotificationPushServer/FCM/Applications> get Application ID Project ID ============================== my_app my_project -
Enable FCMv1:
XSP|ADP_CLI/Applications/NotificationPushServer/FCM> set V1Enabled true ...Done -
Run the
bwrestartcommand to restart the XSP|ADP.
Migrate SaaS Clients to FCMv1
Use the below steps on Google FCM Console if you want to migrate SaaS clients to FCMv1.
Make sure that you have already completed the procedure "Configure NPS to Use Authentication Proxy".
-
Disable FCM:
XSP|ADP_CLI/Applications/NotificationPushServer/FCM> set V1Enabled false ...Done -
Run the
bwrestartcommand to restart the XSP|ADP. -
Enable FCM:
XSP|ADP_CLI/Applications/NotificationPushServer/FCM> set V1Enabled true ...Done -
Run the
bwrestartcommand to restart the XSP|ADP.
Update ADP Server
Use the below steps in Google FCM Console if you are migrating the NPS to use an ADP server.
-
Get the JSON file from the Google Cloud Console:
-
On the Google Cloud Console, go to the Service Accounts page.
-
Click Select a project, choose your project and click Open.
-
Find the row of the service account that you want to create a key for, click the More vertical button, then click Create key.
-
Select a Key type and click Create
The file downloads.
-
-
Add FCM to the ADP server:
-
Import the JSON file to the ADP server using the
/bw/installcommand. -
Login to the ADP CLI and add Project and API key:
ADP_CLI/Applications/NotificationPushServer/FCM/Projects> add connect /bw/install/google JSON: -
Next, add the Application and key:
ADP_CLI/Applications/NotificationPushServer/FCM/Applications> add com.broadsoft.ucaas.connect projectId connect-ucaas...Done -
Verify the configuration:
ADP_CLI/Applications/NotificationPushServer/FCM/Projects> g Project ID Accountkey ======================== connect-ucaas ******** ADP_CLI/Applications/NotificationPushServer/FCM/Applications> g Application ID Project ID =================================== com.broadsoft.ucaas.connect connect-ucaas
-
