XMPP

Overview: XMPP chat client

To Access: From the Community Admin page, click the XMPP tab.

Overview

XMPP is a chat protocol that enables users to have instant message applications and other technologies. Support in Tiki was first added in 2003, as shown in this commit. Today, XMPP support in Tiki relies on the ConverseJS XMPP client, which provides a modern web based chat interface. Using this integration, Tiki users can add real time chat features directly to their websites. See also PluginXMPP and Module XMPP.

Tiki provides real time chat features through the XMPP protocol. XMPP is an open and widely used standard for instant messaging and group communication. In Tiki, XMPP is used to enable both private conversations and shared chatrooms directly within the web interface.

Tiki does not act as an XMPP server. It relies on an external XMPP server to handle message delivery, presence, and chatroom management. The web based chat interface is provided by ConverseJS, which runs in the user’s browser and connects to the XMPP server.

What XMPP Enables in Tiki

XMPP integration allows a Tiki site to offer interactive communication features without relying on proprietary services. Users can exchange direct messages, participate in group discussions, and interact in real time. Anonymous visitors can also join public chatrooms, which makes XMPP suitable for support, community discussions, and live collaboration.

Because Tiki manages users and groups, it can automatically control access to chatrooms and authentication. This ensures that chat behavior remains consistent with the site’s permission model.

Architecture

The XMPP setup in Tiki involves several components working together. Tiki manages users, groups, and permissions, while the XMPP server is responsible for messaging and chatroom logic. ConverseJS acts as the client inside the browser and connects to the XMPP server using standard XMPP protocols.

Desktop and mobile XMPP clients can connect to the same server. This allows administrators or power users to participate in conversations without using the web interface.

Requirements

A working XMPP setup requires an operational XMPP server, a domain name, and valid TLS certificates to ensure secure communication. On the Tiki side, you need a recent version with RTC and XMPP features enabled, as well as access to the administration panels.

This feature assumes a basic level of server administration knowledge, especially for DNS and certificate management.

Choosing an XMPP Server

Tiki can connect to several XMPP servers, but Prosody is the recommended option. It is lightweight, actively maintained, and well tested with Tiki. Other servers such as Openfire, ejabberd, or Tigase can also be used, but they require different integration approaches and may not be fully documented for Tiki.

For most use cases, Prosody offers the simplest and most reliable experience.

Installing and Configuring Prosody

Use the following guide to install Prosody and connect it to Tiki’s user system:
https://wikisuite.org/How-to-install-Prosody-using-Tiki-for-its-userlist

That guide explains how to install Prosody, enable HTTP authentication with Tiki, support anonymous users, configure chatrooms, and secure the setup using TLS. It is written to work specifically with Tiki and should be followed step by step.

Configuring Tiki for XMPP

Once the XMPP server is ready, configuration continues inside Tiki. In the Admin Control Panels, under RTC and XMPP, you define how Tiki connects to the XMPP server. This includes the XMPP domain, the BOSH or WebSocket endpoint, and the authentication method.

These settings allow Tiki to automatically authenticate users, display the ConverseJS interface, and manage chatroom access based on group membership. No manual login is required for users once the configuration is complete.

ConverseJS Interface Modes

The integrated ConverseJS web client can be used in three distinct modes, depending on the desired user experience and placement.

Overlayed mode

Overlayed Mode is configured as a Tiki Module. A small box will appear on the bottom corner of the page containing a contact list. Users can click on contact list to start a chat session while simultaneously browsing the site.

Embedded mode

The Embedded mode can be configured as a wiki plugin (PluginXMPP). A chatbox will appear directly in the middle of the page content where the plugin is placed. This is typically used for persistent group chats (MUC) dedicated to the specific topic of that page.

Fullscreen mode

Fullscreen mode takes all webpage space to provide a comprehensive interface for contact lists and chat boxes, similar to a dedicated desktop application. Users can easily switch between private chats and group chats while using this mode.

User Stories and Use Cases

The following examples illustrate common ways XMPP is used in a Tiki site. They show how different types of users interact with chat based on their roles and permissions.

Alice is an anonymous visitor. She opens the site and immediately sees the ConverseJS chat interface. She asks a question in a public chatroom without creating an account. This allows visitors to interact with the community or support team instantly.
Bob is a registered user. When he logs in to Tiki, he is automatically authenticated in XMPP. He is added to the Registered chatroom without any manual action. Chat access matches his site permissions.
Charlie is a translator. He is a registered user and belongs to the Translators group in Tiki. When he logs in, he joins both the Registered chatroom and the Translators chatroom. Group membership controls which conversations he can access.
Dan is a technical user who already owns an external XMPP account. He configures his own JID in Tiki. He continues to join Tiki chatrooms while keeping his external identity. This allows advanced users to reuse existing XMPP setups.
Eve is an administrator. She uses Gajim on her desktop to connect to the same XMPP server. She joins the chatrooms and answers questions from anonymous visitors. She can moderate discussions without opening the Tiki web interface.

Groups and Chatrooms

Tiki groups are mapped directly to XMPP chatrooms. When a user joins or leaves a group in Tiki, their access to the corresponding chatroom is updated automatically. This ensures that chat permissions remain consistent with site permissions at all times.

This approach reduces administrative effort and avoids manual room management on the XMPP server.

Room membership synchronization behavior (Prosody)

When using XMPP with Multi-User Chat (MUC) auto-join based on Tiki groups, room memberships are synchronized asynchronously between Tiki, the XMPP server (Prosody), and the Converse.js client.

As a result, during login or immediately after registration, a user may not directly see the popup for chatrooms they should be in.

This is expected behavior and usually resolves automatically within a few seconds as the systems sync. If needed, a simple page reload will finalize the room membership. This design avoids blocking the user interface while ensuring correct and scalable synchronization.

Chat Clients

The primary chat interface in Tiki is ConverseJS, which runs in the browser. In addition, users can connect using desktop clients such as Gajim or mobile XMPP clients. All clients connect to the same XMPP server and share the same chatrooms, which provides flexibility without duplicating configuration.

Limitations

XMPP integration in Tiki requires server level configuration and is not a plug and play feature. Administrators must manage DNS, certificates, and the XMPP server itself.

Outdated Information

Installing the XMPP Prebind library for TikiToken

The XMPP Prebind library candy-chat/xmpp-prebind-php allows Tiki to perform automatic login to an XMPP server using the Openfire TikiToken authentication method. This makes the user experience smoother because users do not have to type their username and password to join the chat.

Importance:

Required only for the TikiToken authentication method.
Not needed for Username/Password or OAuthBearer Token authentication.
If you select TikiToken in the admin settings but the library is not installed, Tiki will still work: ConverseJS will fall back to standard BOSH login, and users can still access chat. No warning appears in the admin UI.

Library source: https://packagist.org/packages/candy-chat/xmpp-prebind-php

Installation steps:

Open a terminal and go to your Tiki installation folder.
Require the library using Composer:

Copy to clipboard

composer require candy-chat/xmpp-prebind-php

Composer will download and install the library.
After installation, Tiki will detect the library automatically. The class `XmppPrebind` will now be available.
Go to Admin home > RTC > XMPP and select the TikiToken authentication method. The prebind library will be used automatically.

Note: Installing this library is optional. Without it, TikiToken authentication will silently fall back to standard login, so chat still works, but users will not get the automatic login experience.

Option	Description	Default
XMPP client (ConverseJS)	Integration with Converse.js XMPP client.	Disabled
XMPP server domain	XMPP server domain example.org	None
XMPP client port	TCP port used to connect to the XMPP server (C2S) 5222	5222
Authentication method	The authentication method to be used by XMPP client Plain \| OAuth (uses Tiki as provider) \| Openfire TikiToken \| Prosody HTTP Auth	None
XMPP MUC Domain	Domain of the MUC (multi-user chat) service (used by both Openfire and Prosody) conference.example.org	None
XMPP BOSH URL (http-bind)	Full URL to the http-bind endpoint (used by both Openfire and Prosody). Used only if no WebSocket URL is configured. https://xmpp.example.org/http-bind/	None
Openfire REST API endpoint	Full URL to API endpoint https://xmpp.example.org:9091/plugins/restapi/v1/	None
Rest API username	Username to allow Openfire API usage	None
Rest API password	Password to allow Openfire API usage	None
Allow anonymous	Allow anonymous users on Chat	Disabled
XMPP WebSocket URL	WebSocket endpoint for ConverseJS. If set, this takes precedence over the BOSH (http-bind) URL. wss://xmpp.example.org/xmpp-websocket	None
XMPP domain for registered users	Domain used by XMPP server for authenticated members xmpp.example.org	None
XMPP domain for anonymous visitors	Domain used by XMPP server for guest/anonymous logins guest.example.org	None
Anonymous visitor mode	Choose if anonymous visitors join a community room or a dedicated support room Community room \| Personalized support	Community room
Default anonymous chat room	Room where guests are automatically joined community at conference.example.org	None
Anonymous support room	Room where guests are joined when anonymous mode is set to personalized support support at conference.example.org	None
Default registered chat room	Room where registered members are auto-joined registered at conference.example.org	None
Mapping Tiki groups to chat rooms	JSON mapping of Tiki groups to rooms { "Registered": "registered@conference.example.org", "Translators": "translators@conference.example.org" }	None
Auto-join strategy	Define how users are auto-joined into chat rooms By groups \| Static \| Disabled	By groups
XMPP shared secret (HTTP auth)	Shared secret used to secure HTTP authentication requests between Prosody and Tiki. Must match the value configured in prosody.cfg.lua.	None
CORS allowed origins (comma-separated)	List of allowed origins (comma-separated URLs) for Cross-Origin Resource Sharing. Only requests from these origins will be accepted by the XMPP auth endpoint.	None
XMPP Admin JID	Full JID of XMPP admin (must be listed in Prosody admins) admin at xmpp.example.org	None
XMPP Admin Password	Password of XMPP admin	None
Always Load ConverseJS	Adds the ConverseJS Javascript and CSS files to every page.	Disabled
ConverseJS Debug Mode	Enables more logging, e.g. XML stanzas and error tracebacks to the JavaScript Console	Disabled
ConverseJS Extra Settings	JSON format object defining extra optional settings to initialize ConverseJS	None

New in Tiki17: the addition of the ConverseJS XMPP client.
New in Tiki19: PluginXMPP to embed a chatroom in a wiki page

The reference implementation is with Openfire, but this should work with any XMPP server (perhaps with fewer features).

alias