XMPP
- Overview
- XMPP chat client
- To Access
- From the Community Admin page, click the XMPP tab.
Overview
XMPP is a chat protocol that enables users to have instant message applications and other technologies. Support in Tiki was first added in 2003, as shown in this commit. Today, XMPP support in Tiki relies on the ConverseJS XMPP client, which provides a modern web based chat interface. Using this integration, Tiki users can add real time chat features directly to their websites. See also PluginXMPP and Module XMPP.
Tiki provides real time chat features through the XMPP protocol. XMPP is an open and widely used standard for instant messaging and group communication. In Tiki, XMPP is used to enable both private conversations and shared chatrooms directly within the web interface.
Tiki does not act as an XMPP server. It relies on an external XMPP server to handle message delivery, presence, and chatroom management. The web based chat interface is provided by ConverseJS, which runs in the user’s browser and connects to the XMPP server.
What XMPP Enables in Tiki
XMPP integration allows a Tiki site to offer interactive communication features without relying on proprietary services. Users can exchange direct messages, participate in group discussions, and interact in real time. Anonymous visitors can also join public chatrooms, which makes XMPP suitable for support, community discussions, and live collaboration.
Because Tiki manages users and groups, it can automatically control access to chatrooms and authentication. This ensures that chat behavior remains consistent with the site’s permission model.
Architecture
The XMPP setup in Tiki involves several components working together. Tiki manages users, groups, and permissions, while the XMPP server is responsible for messaging and chatroom logic. ConverseJS acts as the client inside the browser and connects to the XMPP server using standard XMPP protocols.
Desktop and mobile XMPP clients can connect to the same server. This allows administrators or power users to participate in conversations without using the web interface.
Requirements
A working XMPP setup requires an operational XMPP server, a domain name, and valid TLS certificates to ensure secure communication. On the Tiki side, you need a recent version with RTC and XMPP features enabled, as well as access to the administration panels.
This feature assumes a basic level of server administration knowledge, especially for DNS and certificate management.
Choosing an XMPP Server
Tiki can connect to several XMPP servers, but Prosody is the recommended option. It is lightweight, actively maintained, and well tested with Tiki. Other servers such as Openfire, ejabberd, or Tigase can also be used, but they require different integration approaches and may not be fully documented for Tiki.
For most use cases, Prosody offers the simplest and most reliable experience.
Installing and Configuring Prosody
Use the following guide to install Prosody and connect it to Tiki’s user system: https://wikisuite.org/How-to-install-Prosody-using-Tiki-for-its-userlist
That guide explains how to install Prosody, enable HTTP authentication with Tiki, support anonymous users, configure chatrooms, and secure the setup using TLS. It is written to work specifically with Tiki and should be followed step by step.
Configuring Tiki for XMPP
Once the XMPP server is ready, configuration continues inside Tiki. In the Admin Control Panels, under RTC and XMPP, you define how Tiki connects to the XMPP server. This includes the XMPP domain, the BOSH or WebSocket endpoint, and the authentication method.
These settings allow Tiki to automatically authenticate users, display the ConverseJS interface, and manage chatroom access based on group membership. No manual login is required for users once the configuration is complete.
ConverseJS Interface Modes
The integrated ConverseJS web client can be used in three distinct modes, depending on the desired user experience and placement.
Overlayed mode
Overlayed Mode is configured as a Tiki Module. A small box will appear on the bottom corner of the page containing a contact list. Users can click on contact list to start a chat session while simultaneously browsing the site.
Embedded mode
The Embedded mode can be configured as a wiki plugin (PluginXMPP). A chatbox will appear directly in the middle of the page content where the plugin is placed. This is typically used for persistent group chats (MUC) dedicated to the specific topic of that page.
Fullscreen mode
Fullscreen mode takes all webpage space to provide a comprehensive interface for contact lists and chat boxes, similar to a dedicated desktop application. Users can easily switch between private chats and group chats while using this mode.
User Stories and Use Cases
The following examples illustrate common ways XMPP is used in a Tiki site. They show how different types of users interact with chat based on their roles and permissions.
- Alice is an anonymous visitor. She opens the site and immediately sees the ConverseJS chat interface. She asks a question in a public chatroom without creating an account. This allows visitors to interact with the community or support team instantly.
- Bob is a registered user. When he logs in to Tiki, he is automatically authenticated in XMPP. He is added to the Registered chatroom without any manual action. Chat access matches his site permissions.
- Charlie is a translator. He is a registered user and belongs to the Translators group in Tiki. When he logs in, he joins both the Registered chatroom and the Translators chatroom. Group membership controls which conversations he can access.
- Dan is a technical user who already owns an external XMPP account. He configures his own JID in Tiki. He continues to join Tiki chatrooms while keeping his external identity. This allows advanced users to reuse existing XMPP setups.
- Eve is an administrator. She uses Gajim on her desktop to connect to the same XMPP server. She joins the chatrooms and answers questions from anonymous visitors. She can moderate discussions without opening the Tiki web interface.
Groups and Chatrooms
Tiki groups are mapped directly to XMPP chatrooms. When a user joins or leaves a group in Tiki, their access to the corresponding chatroom is updated automatically. This ensures that chat permissions remain consistent with site permissions at all times.
This approach reduces administrative effort and avoids manual room management on the XMPP server.
Room membership synchronization behavior (Prosody)
When using XMPP with Multi-User Chat (MUC) auto-join based on Tiki groups, room memberships are synchronized asynchronously between Tiki, the XMPP server (Prosody), and the Converse.js client.
As a result, during login or immediately after registration, a user may not directly see the popup for chatrooms they should be in.
This is expected behavior and usually resolves automatically within a few seconds as the systems sync. If needed, a simple page reload will finalize the room membership. This design avoids blocking the user interface while ensuring correct and scalable synchronization.
Chat Clients
The primary chat interface in Tiki is ConverseJS, which runs in the browser. In addition, users can connect using desktop clients such as Gajim or mobile XMPP clients. All clients connect to the same XMPP server and share the same chatrooms, which provides flexibility without duplicating configuration.
Limitations
XMPP integration in Tiki requires server level configuration and is not a plug and play feature. Administrators must manage DNS, certificates, and the XMPP server itself.
Installing the XMPP Prebind library for TikiToken
The XMPP Prebind library candy-chat/xmpp-prebind-php allows Tiki to perform automatic login to an XMPP server using the Openfire TikiToken authentication method. This makes the user experience smoother because users do not have to type their username and password to join the chat.
Importance:
- Required only for the TikiToken authentication method.
- Not needed for Username/Password or OAuthBearer Token authentication.
- If you select TikiToken in the admin settings but the library is not installed, Tiki will still work: ConverseJS will fall back to standard BOSH login, and users can still access chat. No warning appears in the admin UI.
Library source: https://packagist.org/packages/candy-chat/xmpp-prebind-php
Installation steps:
- Open a terminal and go to your Tiki installation folder.
- Require the library using Composer:
composer require candy-chat/xmpp-prebind-php
- Composer will download and install the library.
- After installation, Tiki will detect the library automatically. The class `XmppPrebind` will now be available.
- Go to Admin home > RTC > XMPP and select the TikiToken authentication method. The prebind library will be used automatically.
Note: Installing this library is optional. Without it, TikiToken authentication will silently fall back to standard login, so chat still works, but users will not get the automatic login experience.
| Option | Description | Default |
|---|---|---|
| XMPP client (ConverseJS) | Integration with Converse.js XMPP client. | Disabled |
| XMPP server domain | XMPP server domain example.org |
None |
| XMPP client port | TCP port used to connect to the XMPP server (C2S) 5222 |
5222 |
| Authentication method | The authentication method to be used by XMPP client Plain | OAuth (uses Tiki as provider) | Openfire TikiToken | Prosody HTTP Auth |
None |
| XMPP MUC Domain | Domain of the MUC (multi-user chat) service (used by both Openfire and Prosody) conference.example.org |
None |
| XMPP BOSH URL (http-bind) | Full URL to the http-bind endpoint (used by both Openfire and Prosody). Used only if no WebSocket URL is configured. https://xmpp.example.org/http-bind/ |
None |
| Openfire REST API endpoint | Full URL to API endpoint https://xmpp.example.org:9091/plugins/restapi/v1/ |
None |
| Rest API username | Username to allow Openfire API usage | None |
| Rest API password | Password to allow Openfire API usage | None |
| Allow anonymous | Allow anonymous users on Chat | Disabled |
| XMPP WebSocket URL | WebSocket endpoint for ConverseJS. If set, this takes precedence over the BOSH (http-bind) URL. wss://xmpp.example.org/xmpp-websocket |
None |
| XMPP domain for registered users | Domain used by XMPP server for authenticated members xmpp.example.org |
None |
| XMPP domain for anonymous visitors | Domain used by XMPP server for guest/anonymous logins guest.example.org |
None |
| Anonymous visitor mode | Choose if anonymous visitors join a community room or a dedicated support room Community room | Personalized support |
Community room |
| Default anonymous chat room | Room where guests are automatically joined community at conference.example.org |
None |
| Anonymous support room | Room where guests are joined when anonymous mode is set to personalized support support at conference.example.org |
None |
| Default registered chat room | Room where registered members are auto-joined registered at conference.example.org |
None |
| Mapping Tiki groups to chat rooms | JSON mapping of Tiki groups to rooms { "Registered": "registered@conference.example.org", "Translators": "translators@conference.example.org" } |
None |
| Auto-join strategy | Define how users are auto-joined into chat rooms By groups | Static | Disabled |
By groups |
| XMPP shared secret (HTTP auth) | Shared secret used to secure HTTP authentication requests between Prosody and Tiki. Must match the value configured in prosody.cfg.lua. | None |
| CORS allowed origins (comma-separated) | List of allowed origins (comma-separated URLs) for Cross-Origin Resource Sharing. Only requests from these origins will be accepted by the XMPP auth endpoint. | None |
| XMPP Admin JID | Full JID of XMPP admin (must be listed in Prosody admins) admin at xmpp.example.org |
None |
| XMPP Admin Password | Password of XMPP admin | None |
| Always Load ConverseJS | Adds the ConverseJS Javascript and CSS files to every page. | Disabled |
| ConverseJS Debug Mode | Enables more logging, e.g. XML stanzas and error tracebacks to the JavaScript Console | Disabled |
| ConverseJS Extra Settings | JSON format object defining extra optional settings to initialize ConverseJS | None |
New in Tiki17: the addition of the ConverseJS XMPP client. New in Tiki19: PluginXMPP to embed a chatroom in a wiki page
The reference implementation is with Openfire, but this should work with any XMPP server (perhaps with fewer features).