PortSIP Knowledge Base
  • PortSIP Communications Solution
    • What is PortSIP?
    • The Advantages of PortSIP PBX vs. Other PBXs
    • Cloud PBX Empowering Service Providers
    • Simplifying Unified Communications with WebRTC and SIP
    • What is CPaaS? Communications Platform as a Service Explained
    • UCaaS is Unified Communications as a Service
    • PortSIP PBX Administration Guide
      • Overview
      • PortSIP Security Features
      • Summary of Changes
      • Before Started
      • 1 Installation of the PortSIP PBX
        • Installation of PortSIP PBX v22.x
          • Install PortSIP PBX on Linux
          • Install PortSIP IM Server on Linux
          • Install PortSIP PBX on Windows
          • Upgrade to the Latest Version Within v22.x on Linux
          • Upgrade to the Latest v22.x on Windows
          • Upgrade v16.x to the Latest v22.x on Linux
        • Installation of PortSIP PBX v16.x
          • Upgrade to the Latest v16.x Release
      • 2 Configuring the PortSIP PBX
      • 3 Tenant Management
      • 4 Phone Device Management
        • Managing Phones
        • Auto Provisioning Security
        • Custom IP Phone Template
        • Bulk Importing Users and Auto Provisioning IP Phones
        • Zero Touch Provisioning Phones
        • Provision Phone Using PnP
        • PnP Auto Provisioning IP Phone Multicast Debug
        • Provision Phone Using RPS
        • Provision Phone Using DHCP Option 66
        • Provision Phone Using TFTP
        • Provisioning Cisco 79xx IP Phones
        • Provision Fanvil DECT IP Phones
        • Provision Yealink DECT IP Phones
        • Provision SNOM DECT IP Phones
        • Configuring Private RPS Account
      • 5 User Management
        • Users
        • How to Configure the Endpoints?
        • User Groups
        • DND and Automatic Callback
        • Speed Dial 8
        • Speed Dial 100
      • 6 Transport Management
      • 7 Trunk Management
        • Configuring SIP Trunk
        • Handle Outbound Calls Through SIP Trunk
      • 8 Call Route Management
        • Configuring Inbound Rule
        • Configuring Outbound Rule
      • 9 Configuring PortSIP SBC
        • Topology
        • Summary of Changes
        • Installation PortSIP SBC v11.x
        • Installation PortSIP SBC v10.x
        • Configuring PortSIP SBC for WebRTC
        • Upgrade to the Latest v11.x Release
        • Upgrade to the Latest v10.x Release
      • 10 Configuring SBC for MS Teams
        • Architecture
        • Configuring Microsoft Teams
        • Configuring SBC and PBX
        • Configure an SBC for Multiple Tenants
      • 11 Deploy the SBC Cluster
      • 12 Configuring Virtual Receptionist
        • Managing Virtual Receptionist
        • Visual IVR Editor Guide
        • Direct Inward System Access (DISA)
      • 13 Configuring Ring Group
      • 14 Call Parking
        • PortSIP Call Parking Feature
        • Using Call Parking Feature
        • Using Enhanced Call Park on Fanvil IP Phones
        • Using Enhanced Call Park on Yealink IP Phones
        • Using Enhanced Call Park on Grandstream IP Phones
        • Using Enhanced Call Park on Dinstar IP Phones
      • 15 Shared Voicemail
      • 16 Call Queue
        • Configuring Call Queue
        • Configuring Queue Callback
        • Agent States and Work Modes
        • Skills-Based Routing
        • Silent Monitoring
        • Wallboards
      • 17 Roles and Permissions
      • 18 E164 Number Processing
      • 19 Billing
      • 20 CDR and Call Recordings
        • CDR
        • Call Recordings
        • CDR Field Descriptions
      • 21 Call Reports
      • 22 Dealers
      • 23 Feature Access Codes
      • 24 Call Pickup
      • 25 Meetings
        • Joining a Meeting with the Invite Link
      • 26 Hot Desking
      • 27 STIR/SHAKEN
        • Configuring STIR/SHAKEN
      • 28 Digital Engagement Channels
        • SMS Channel
        • WhatsApp Channel
        • Manage SMS/WhatsApp Message Conversations
      • 29 Integrations
        • Microsoft 365 Integration
        • Google Workspace Integration
      • 30 Office Hours and Holiday Schedule
        • Configuring Office Hours and Holiday Schedule
        • Routing Calls Based on Office Hours and Holidays
      • 31 Configuring Email Notifications
      • PBX and SIP Trunk using PortSIP SBC
      • SIP Header Manipulation
      • Rebranding PortSIP PBX, SBC
      • System Service Extension Numbers
      • Certificates for TLS/HTTPS/WebRTC
        • Preparing TLS Certificates
        • Update Certificates
      • Backup and Restore: An Essential Guide
        • Backup and Restore PortSIP PBX
        • Backup and Restore PortSIP SBC
      • Storing Into AWS S3
      • Storing Into Azure Blob Storage
      • Trace Server - A Better Way to Monitoring SIP Messages and QoS for PortSIP PBX
    • Configuring SIP Trunks
      • QuestBlue SIP Trunk
        • Purchase a DID on QuestBlue Platform
        • Configuring QuestBlue IP Authentication Trunk
        • Configuring QuestBlue Register Authentication Trunk
        • Configuring Outbound & Inbound Calls
        • QuestBlue SMS Integration
      • Twilio SIP Trunk
        • Purchase a DID on the Twilio
        • Configuring Twilio Register Based Trunk
        • Configuring Twilio Interconnect Trunk
        • Configuring Outbound & Inbound Calls
        • Twilio SMS Integration
      • Telnyx SIP Trunk
        • Purchase a DID on Telnyx Platform
        • Configuring Telnyx IP Authentication Trunk
        • Configuring Telnyx Register Authentication Trunk
        • Configuring Outbound & Inbound Calls
        • Telnyx SMS Integration
      • Vonage SIP Trunk
        • Purchase a DID on Vonage Platform
        • Configuring Vonage IP Authentication Trunk
        • Configuring Vonage Register Authentication Trunk
        • Configuring Outbound & Inbound Calls
        • Vonage SMS Integration
      • VoIP.ms SIP Trunk
        • Purchase a DID on VoIP.ms
        • Configuring VoIP.ms Register Based Trunk
        • Configuring Outbound & Inbound Calls
        • VoIP.ms SMS Integration
      • Voxtelesys SIP Trunk
        • Purchase a DID on Voxtelesys Platform
        • Configuring Voxtelesys IP Authentication Trunk
        • Configuring Voxtelesys Register Authentication Trunk
        • Configuring Outbound & Inbound Calls
        • Voxtelesys SMS Integration
      • Wavix SIP Trunk
        • Purchase a DID on Wavix Platform
        • Configuring Wavix IP Authentication Trunk
        • Configuring Wavix Digest Trunk
        • Configuring Outbound & Inbound Calls
        • Wavix SMS Integration
      • VoIP Innovations SIP Trunk
        • Purchase a DID on VoIP Innovations Platform
        • Configuring VoIP Innovations IP Authentication Trunk
        • Configuring Outbound & Inbound Calls
        • VoIP Innovations SMS Integration
      • Bandwidth SIP Trunk
        • Purchase a DID on Bandwidth Platform
        • Configuring Bandwidth IP Authentication Trunk
        • Configuring Outbound & Inbound Calls
        • Bandwidth SMS Integration
      • Flowroute SIP Trunk
        • Purchase a DID on Flowroute Platform
        • Configuring Flowroute IP Authentication Trunk
        • Configuring Outbound & Inbound Calls
        • Flowroute SMS Integration
      • Gamma SIP Trunk
      • Aire Networks SIP Trunk
      • VoiceMeUp SIP Trunk
        • Configuring VoiceMeUp Trunk
        • VoiceMeUp SMS Integration
    • PBX Cluster (v22.x)
      • Topology
      • Preparing Cluster Servers
      • Configuring Cluster Servers
      • Managing Cluster
    • High Availability (v22.x)
      • High Availability and Sclability On-Premise
        • PortSIP PBX High Availability Architecture
        • High Availability Installations on Ubuntu
        • Upgrading High Availability Installation
        • Scaling Servers On-Premise for High Availability
        • Scaling SBC On-Premise for High Availability
        • Scaling IM Server On-Premise for High Availability
      • High Availability and Scalability on AWS
        • PortSIP PBX High Availability Architecture
        • High Availability Installations on AWS
        • Upgrading High Availability Installation
        • Increase Size of EBS Volume
        • Scaling Servers on AWS for High Availability
    • PBX Cluster(v16.x)
      • Topology
      • Preparing Cluster Servers
      • Configuring Cluster Servers
      • Managing Cluster
      • Configuring Cluster Servers for High Availability
    • High Availability (v16.x)
      • High Availability for On-Premise
        • PortSIP PBX High Availability Architecture
        • High Availability Installations on Ubuntu
        • Upgrading High Availability Installation
      • High Availability and Scalability on AWS
        • PortSIP PBX High Availability Architecture
        • High Availability Installations on AWS
        • Upgrading High Availability Installations
        • Increase Size of EBS Volume
        • Scaling Servers on AWS for HA
    • PortSIP UCaaS
    • FAQ
      • Troubleshooting Call Issues
      • How to Activate License key?
      • What is the Multi-Tenant PBX?
      • Is the PortSIP PBX built on Asterisk, FreeSwitch?
      • What is the SBC?
      • What is the PBX? Features, Benefits
      • What File Format Is Required for PortSIP PBX Prompt?
      • What is Direct Inward Dialing (DID)?
      • What is the DID Pool?
      • What are IP Phones Work with PortSIP PBX?
      • Hardware Specifications
      • How to Adjust the REST API Rate Limit?
      • SIP Status Code of Response
      • What is SIP ALG and Why You Need to Disable It?
      • Essential Factors for Choosing a Could PBX Solution
      • Migrate from legacy FCM APIs to HTTP v1 for Android Push Notifications
      • PortSIP SDK License Agreement
      • PortSIP Software End-User License Agreement
  • Apps Guides
    • PortSIP ONE Desktop App
      • Sign in to PBX
      • Calls, Messages, and Voicemails
      • Customize Your Caller ID
      • SMS and WhatsApp Messaging
      • Click to Call
      • Calling from Another Device
      • Change Your Call Queue Status
    • PortSIP ONE Mobile App
      • Sign in to PBX
      • Calls, Messages, and Voicemails
      • Customize Your Caller ID
      • SMS and WhatsApp Messaging
      • Change Your Call Queue Status
    • PortSIP Softphone
  • DEVELOPING WITH PORTSIP
    • Getting Started
    • Calling APIs
      • User Manual for Windows
      • User Manual for iOS
      • User Manual for Android
      • User Manual for macOS
    • REST APIs
      • Version 22.0
        • About
        • API reference
          • Info
          • Login
            • By microsoft
          • Logout
          • Network
          • Sbc
            • Token
              • Destroy
          • Im
            • Token
              • Destroy
          • Dealers
            • Password
            • Destroy
          • Mobile push
            • Destroy
          • Ip filters
            • Destroy
            • Export
          • Transports
            • Destroy
            • Status
          • Tenants
            • Switch
            • Dealers
              • Destroy
            • Destroy
          • Tenant
            • Status
            • Notification
            • Password policy
            • Billing
            • Balance
            • Custom headers
          • Conference servers
            • Status
            • Destroy
          • Media servers
            • Status
            • Destroy
          • License
          • Key
          • Brand
          • Dealer
            • Status
            • Username
            • Password
          • Roles
            • Destroy
          • User
            • Password
            • Extension password
            • Profile
            • Status
            • Presence
            • Balance
            • Greetings
              • Enable
              • Disable
              • Destroy
            • Phones
              • Destroy
            • Cdrs
              • Sync tokens
                • Diff
            • Recordings
              • Destroy
            • Speed dial 8
              • Destroy
            • Speed dial 100
              • Destroy
            • Meetings
              • Destroy
              • Status
              • Mute
              • Unmute
              • Lock
              • Unlock
              • Start
              • Stop
              • Start recording
              • Stop recording
              • Participants
                • Layout
                • Invite
                • Mute
                • Unmute
                • Chairman
                • Position
                • Destroy
            • Holidays
              • Destroy
            • Global holidays
            • Contacts
              • Favorite
              • Unfavorite
              • Destroy
              • Sync tokens
                • Diff
            • Call queues
              • Agent
            • Outbound caller ids
            • Ring groups
            • Business contacts
              • Favorite
              • Unfavorite
              • Sync tokens
                • Diff
            • Extension contacts
              • Favorite
              • Unfavorite
              • Sync tokens
                • Diff
          • Users
            • Profile
            • Password
            • Extension password
            • Role
            • Ms365 binding
              • Destroy
            • Destroy
            • Status
              • Destroy status
            • Balance
            • Greetings
              • Enable
              • Disable
              • Destroy
            • Phones
              • Destroy
            • Holidays
              • Destroy
            • Global holidays
            • Call queues
              • Agent
            • Speed dial 8
              • Destroy
            • Speed dial 100
              • Destroy
          • Extension numbers
          • Groups
            • Destroy
            • Members
              • Destroy
          • Voicemails
            • Set read
            • Set unread
            • Destroy
          • Recordings
            • Destroy
          • Call queue servers
            • Status
            • Destroy
          • Call queues
            • Status
            • Destroy
            • Waiting
              • Pickup
            • Agents
          • Exclusive numbers
            • Destroy
            • Call queues
              • Agents
              • Destroy
            • Export
          • Vip numbers
            • Destroy
            • Export
          • Call queue blacklisted numbers
            • Destroy
            • Export
          • Call queue blacklist prompts
          • Sessions
            • Directly
            • Hold
            • Unhold
            • Refer
            • Attended refer
            • Destroy
          • Conference rooms
            • Destroy
            • Status
            • Mute
            • Unmute
            • Lock
            • Unlock
            • Start recording
            • Stop recording
            • Participants
              • Layout
              • Invite
              • Mute
              • Unmute
              • Chairman
              • Position
              • Destroy
            • Recordings
              • Destroy
              • Set read
              • Set unread
          • Contacts
            • Destroy
            • Export
          • Emergency numbers
            • Destroy
          • Files
            • Destroy
          • Blobs
            • Uploads
              • Append
              • Complete
              • Status
              • Destroy
          • Inbound rules
            • Destroy
            • Export
          • Moh server
            • Musics
              • Destroy
          • Monitor
          • Monitor groups
            • Destroy
            • Members
              • Destroy
            • Managers
              • Destroy
          • Call park
          • Call park groups
            • Destroy
            • Members
              • Destroy
          • Call pickup groups
            • Destroy
            • Members
          • Voicemail
          • Acb
          • Outbound rules
            • Destroy
            • Export
            • Applied groups
              • Destroy
          • Phone models
          • Phones
            • Reprovision
            • Assignee
            • Reboot
            • Reject
          • Dect phone models
          • Dect phones
            • Destroy
            • Members
          • Providers
            • Status
            • Destroy
            • Export
            • Assignees
              • Destroy
          • Ring groups
            • Agents
            • Destroy
          • Shared voicemails
            • Destroy
            • Voicemails
              • Set read
              • Set unread
              • Destroy
            • Greetings
              • Enable
              • Disable
              • Destroy
          • Holidays
            • Destroy
          • Allowed country codes
          • Disallowed codes
            • Destroy
            • Export
          • Blacklisted numbers
            • Destroy
            • Export
          • Call rates
            • Destroy
            • Export
          • Ivr servers
            • Status
            • Destroy
          • Ivrs
            • Status
            • Destroy
            • Action urls
              • Destroy
          • Hotdesking
            • Status
            • Logout
            • Destroy
          • Sms
            • Destroy
          • Whatsapp
            • Destroy
          • Cdrs
          • Call reports
            • Destroy
          • Completed call reports
            • Destroy
          • Feature access codes
          • Default email templates
          • Custom email templates
          • Audit logs
          • Event logs
          • Test email
          • Ms365
            • Certificate
            • Users
          • Admin
            • Status
            • Username
            • Password
            • Settings
            • Notification
          • Templates
            • Phones
              • Destroy
        • Specification
      • Version 22.1
        • About
        • API reference
          • Info
          • Login
            • By microsoft
          • Logout
          • Network
          • Sbc
            • Token
              • Destroy
          • Im
            • Token
              • Destroy
          • Dealers
            • Password
            • Destroy
          • Mobile push
            • Destroy
          • Ip filters
            • Destroy
            • Export
          • Transports
            • Destroy
            • Status
          • Tenants
            • Switch
            • Dealers
              • Destroy
            • Destroy
          • Tenant
            • Status
            • Notification
              • Test email
            • Password policy
            • Billing
            • Balance
            • Custom headers
          • Conference servers
            • Status
            • Destroy
          • Media servers
            • Status
            • Destroy
          • License
          • Key
          • Brand
          • Dealer
            • Status
            • Username
            • Password
          • Roles
            • Destroy
          • User
            • Password
            • Extension password
            • Profile
            • Status
            • Presence
            • Balance
            • Greetings
              • Enable
              • Disable
              • Destroy
            • Phones
              • Destroy
            • Cdrs
              • Sync tokens
                • Diff
            • External messages
            • Recordings
              • Destroy
            • Speed dial 8
              • Destroy
            • Speed dial 100
              • Destroy
            • Meetings
              • Destroy
              • Status
              • Mute
              • Unmute
              • Lock
              • Unlock
              • Start
              • Stop
              • Start recording
              • Stop recording
              • Participants
                • Layout
                • Invite
                • Mute
                • Unmute
                • Chairman
                • Position
                • Destroy
            • Holidays
              • Destroy
            • Global holidays
            • Contacts
              • Favorite
              • Unfavorite
              • Destroy
              • Sync tokens
                • Diff
            • Call queues
              • Agent
            • Outbound caller ids
            • Ring groups
            • Business contacts
              • Favorite
              • Unfavorite
              • Sync tokens
                • Diff
            • Extension contacts
              • Favorite
              • Unfavorite
              • Sync tokens
                • Diff
          • Users
            • Profile
            • Password
            • Extension password
            • Role
            • Ms365 binding
              • Destroy
            • Destroy
            • Status
              • Destroy status
            • Balance
            • Greetings
              • Enable
              • Disable
              • Destroy
            • Phones
              • Destroy
            • Holidays
              • Destroy
            • Global holidays
            • Call queues
              • Agent
            • Speed dial 8
              • Destroy
            • Speed dial 100
              • Destroy
          • Extension numbers
          • Groups
            • Destroy
            • Members
              • Destroy
          • Voicemails
            • Set read
            • Set unread
            • Destroy
          • Recordings
            • Destroy
          • Call queue servers
            • Status
            • Destroy
          • Call queues
            • Status
            • Destroy
            • Waiting
              • Pickup
            • Agents
          • Exclusive numbers
            • Destroy
            • Call queues
              • Agents
              • Destroy
            • Export
          • Vip numbers
            • Destroy
            • Export
          • Call queue blacklisted numbers
            • Destroy
            • Export
          • Call queue blacklist prompts
          • Sessions
            • Directly
            • Hold
            • Unhold
            • Refer
            • Attended refer
            • Destroy
          • Conference rooms
            • Destroy
            • Status
            • Mute
            • Unmute
            • Lock
            • Unlock
            • Start recording
            • Stop recording
            • Participants
              • Layout
              • Invite
              • Mute
              • Unmute
              • Chairman
              • Position
              • Destroy
            • Recordings
              • Destroy
              • Set read
              • Set unread
          • Contacts
            • Destroy
            • Export
          • Emergency numbers
            • Destroy
          • Files
            • Destroy
          • Blobs
            • Uploads
              • Append
              • Complete
              • Status
              • Destroy
          • Inbound rules
            • Destroy
            • Export
          • Moh server
            • Musics
              • Destroy
          • Monitor
          • Monitor groups
            • Destroy
            • Members
              • Destroy
            • Managers
              • Destroy
          • Call park
          • Call park groups
            • Destroy
            • Members
              • Destroy
          • Call pickup groups
            • Destroy
            • Members
          • Voicemail
          • Acb
          • Outbound rules
            • Destroy
            • Export
            • Applied groups
              • Destroy
          • Phone models
          • Phones
            • Reprovision
            • Assignee
            • Reboot
            • Reject
          • Dect phone models
          • Dect phones
            • Destroy
            • Members
          • Providers
            • Status
            • Destroy
            • Export
            • Assignees
              • Destroy
          • Ring groups
            • Agents
            • Destroy
          • Shared voicemails
            • Destroy
            • Voicemails
              • Set read
              • Set unread
              • Destroy
            • Greetings
              • Enable
              • Disable
              • Destroy
          • Holidays
            • Destroy
          • Allowed country codes
          • Disallowed codes
            • Destroy
            • Export
          • Blacklisted numbers
            • Destroy
            • Export
          • Call rates
            • Destroy
            • Export
          • Ivr servers
            • Status
            • Destroy
          • Ivrs
            • Status
            • Destroy
            • Action urls
              • Destroy
          • Hotdesking
            • Status
            • Logout
            • Destroy
          • Sms
            • Destroy
          • Whatsapp
            • Destroy
          • Cdrs
          • Calllogs
          • External messages
          • Call reports
            • Destroy
          • Completed call reports
            • Destroy
          • Feature access codes
          • Default email templates
          • Custom email templates
          • Audit logs
          • Event logs
          • Ms365
            • Certificate
            • Users
          • Google
          • Admin
            • Status
            • Username
            • Password
            • Settings
            • Notification
              • Test email
            • Ms365
              • Certificate
            • Google
          • Templates
            • Phones
              • Destroy
        • Specification
      • Authentication
      • Accessing CDRs and Recordings
    • Call Control APIs
    • Messaging APIs
      • Protocol
      • API Examples
    • WSI: Pub/Sub
    • Webhook Events
      • Registering a Webhook
      • Receiving Events via a Webhook
      • Event Reference
    • Mobile Push Notifications
      • How Do Push Notifications Work with PortSIP PBX?
      • Integrating the Push Notifications in Native iOS APP
      • Integrating the Push Notifications in Android APP
  • PBX v12.x (EOL)
    • PortSIP PBX v12.x is EOL
    • High Availability
      • PortSIP PBX High Availability
      • UCaaS High Availability
      • Deploy the PortSIP PBX HA on AWS
      • Deploy PortSIP PBX HA for CentOS
      • Deploy PortSIP PBX HA for Ubuntu
      • Migrate the HA data
    • Push Notifications
      • How do push notifications work with PortSIP PBX?
      • Implement the PUSH notifications in Xamarin iOS APP with PortSIP PBX 12.x
      • Implement the PUSH notifications in native iOS APP with PortSIP PBX 12.x
      • Implement PUSH notifications in Android APP with PortSIP PBX 12.x
      • Implement PUSH notifications in Xamarin Android APP with PortSIP PBX 12.x
    • Tutorials
      • REST API Examples
      • Trace server - A Better Way to Debug PortSIP UC
      • Setup SSL Certificates for HTTPS/WebRTC
      • Going Real-Time with PortSIP PBX Pub/Sub
      • Upgrade PortSIP PBX for offline
      • PortSIP UC Architecture
      • PortSIP PBX Features
      • PortSIP Security Feature
      • Hardware Specifications
      • Setup PortSIP PBX for Linux
      • Upgrade PortSIP PBX
      • Upgrade PortSIP PBX v12.x to the v12.8.7
      • Add Extended Media Server
      • Store the recording files to AWS S3
      • Configure Notifications for Kubernetes
      • Rebranding PortSIP PBX
Powered by GitBook
On this page
  • Drop Calls with Verification Status
  • PAI Header Parameter Name
  • Enable STIR/SHAKEN Validation
  • Drop Calls with Verification Status
  • Example
  • Scenario
  • Signing Outbound Calls on a Trunk
  • Obtain a STIR/SHAKEN Certificate
  • Uploading the STIR/SHAKEN Certificate
  • Enabling STIR/SHAKEN Call Signing on a Trunk
  1. PortSIP Communications Solution
  2. PortSIP PBX Administration Guide
  3. 27 STIR/SHAKEN

Configuring STIR/SHAKEN

Previous27 STIR/SHAKENNext28 Digital Engagement Channels

Last updated 6 months ago

In PortSIP PBX, you can configure the system to drop inbound calls on a specified SIP trunk based on Caller ID verification - when the trunk provider passes a parameter value in the P-Asserted-Identity SIP header in the INVITE message, which by default is named 'verstat'. Additionally, you can also upload the STIR/SHAKEN certificate to sign outbound calls on a specified SIP trunk.

Drop Calls with Verification Status

To configure call handling based on verification status:

  1. Navigate to Call Manager > Trunks.

  2. Double-click the trunk you want to edit.

  3. Click the Inbound Parameters tab.

  4. In the STIR/SHAKEN section, you will find three configurable options, which can be set at the trunk level.

These options allow you to customize how the PBX handles calls based on STIR/SHAKEN verification status for each trunk.

PAI Header Parameter Name

Set this field to your desired value, it's 'verstat' by default.

This parameter is used for caller ID validation and is typically named 'verstat'. However, the exact name may vary depending on your trunk provider.

Enable STIR/SHAKEN Validation

This option allows you to enable or disable PortSIP PBX's validation of inbound calls based on STIR/SHAKEN Caller ID verification.

Drop Calls with Verification Status

This option allows you to select which verification status will trigger call drops when Enable STIR/SHAKEN Validation is enabled.

For example, selecting 'TN-Validation-Failed' means that if the PAI header contains this verification status, the call will be dropped.

The PAI header value will be parsed, and if the specified parameter matches any of the selected values in the Drop Calls with Verification Status list, the call will be dropped.

Refer to the list of verification statuses:

  • No-TN-Validation

  • TN-Validation-Failed

  • TN-Validation-Passed-B

  • TN-Validation-Passed-C

  • TN-Validation-Failed-A

  • TN-Validation-Failed-B

  • TN-Validation-Failed-C

Note: Verification statuses are case-insensitive, meaning all variations (e.g., 'No-TN-Validation', 'NO-TN-VALIDATION', and 'No-tn-Validation') are acceptable.

This feature applies only to the inbound calls received from this trunk.

Example

If a call is received from the SIP trunk with the following PAI header:

P-Asserted-Identity: <sip:+15617500080;verstat=TN-Validation-Passed>
P-Attestation-Indicator: B

Please note that the additional header check is included for STIR/SHAKEN. The P-Asserted-Identity can contain one of the following values: 'TN-Validation-Passed', 'TN-Validation-Failed', or 'No-TN-Validation'. The attestation level is specified in a separate header, such as P-Attestation-Indicator: B.

Scenario

If a user selects 'TN-Validation-Failed-B' and 'No-TN-Validation' as values in the Drop Calls with Verification Status field, the call will be dropped, since it matches 'TN-Validation-Passed' with 'B' as the attestation level.

However, if no attestation indicator is provided, the PBX expects an exact match between the verstat value in the PAI header and the value specified in the Drop Calls with Verification Status field. For example:

P-Asserted-Identity: <sip:+15617500080;verstat=TN-Validation-Passed-B>

Signing Outbound Calls on a Trunk

To sign outbound calls on a trunk, you must follow the process of obtaining your own STIR/SHAKEN certificate. This involves the following steps:

  1. After securing these, you can then proceed to apply for your STIR/SHAKEN token and certificate, which are required for authenticating calls.

Obtain a STIR/SHAKEN Certificate

To implement STIR/SHAKEN, follow these steps:

  1. Partner with a Certificate Authority (CA) Collaborate with a trusted Certificate Authority (CA) to issue your STIR/SHAKEN certificate, enabling you to sign and authenticate your outbound calls.

Uploading the STIR/SHAKEN Certificate

You can upload the STIR/SHAKEN certificate either at the System Administrator level or the Tenant level, depending on the scope of the calls.

  • The PBX will use the System Administrator's certificate to sign calls on trunks that are added by the System Administrator.

  • Tenant-level certificates are used to sign calls on trunks that are added by the Tenant Administrator.

Uploading a Certificate at the System Administrator Level

  1. Navigate to Advanced > Settings in the menu.

  2. Select the STIR/SHAKEN Certificates tab.

  3. Open your STIR/SHAKEN certificate file using Windows Notepad, then copy and paste its contents into the Public Certificate field.

  4. Similarly, open your STIR/SHAKEN private key file using Windows Notepad, and copy and paste the contents into the Private Key field.

  5. Click OK to save your changes.

Uploading a Certificate at the Tenant Administrator Level

  1. Navigate to Advanced > STIR/SHAKEN in the menu.

  2. Open your STIR/SHAKEN certificate file using Windows Notepad, then copy and paste its contents into the Public Certificate field.

  3. Similarly, open your STIR/SHAKEN private key file using Windows Notepad, and copy and paste the contents into the Private Key field.

  4. Click OK to save your changes.

Enabling STIR/SHAKEN Call Signing on a Trunk

To enable the STIR/SHAKEN signature on a specific trunk, follow these steps:

  1. Go to Call Manager > Trunks.

  2. Double-click the trunk you wish to edit.

  3. Select the Options tab.

  4. Toggle on the STIR/SHAKEN Signature Required option.

  5. Click OK to save your changes.

Now that you’ve enabled the STIR/SHAKEN signature, when an extension makes an outbound call over a trunk where the STIR/SHAKEN Signature Required option is enabled, the PortSIP PBX will sign the call using the uploaded certificates. It will then add an Identity header to the INVITE message, which contains the call signature. The INVITE message will look similar to the following example:

INVITE sip:18001234567@example.com:5060 SIP/2.0
Via: SIP/2.0/UDP example.com:5060
From: "Alice" <sip:14045266060@5.6.7.8:5060>;tag=123456789
To: "Bob" <sip:18001234567@1.2.3.4:5060>
Call-ID: 1-12345@5.6.7.8
CSeq: 1 INVITE
Max-Forwards: 70
Identity: eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9jZXJ0aWZpY2F0ZXMuZXhhbXBsZS5jb20vMTIzNDU2Nzg5LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyIxODAwMTIzNDU2NyJdfSwiaWF0IjoxNTQ4ODU5OTgyLCJvcmlnIjp7InRuIjoiMTQwNDUyNjYwNjAifSwib3JpZ2lkIjoiM2E0N2NhMjMtZDdhYi00NDZiLTgyMWQtMzNkNWRlZWRiZWQ0In0.S_vqkgCk88ee9rtk89P6a6ru0ncDfSrdb1GyK_mJj-10hsLW-dMF7eCjDYARLR7EZSZwiu0fd4H_QD_9Z5U2bg;info=<https://pbx.example.com:8887/creds/3054739567934621/cert.pem>alg=ES256;ppt=shaken

Acquire a Filer ID and an Operating Company Number (OCN).

Obtain an FCC 499 ID Apply for and receive an , which is necessary for companies providing telecom services in the U.S.

Get an Operating Company Number (OCN) An assigned to telecom companies in North America. You’ll need this to proceed with certification.

Acquire Your iConnectiv Token is the designated policy administrator for the STIR/SHAKEN framework. Obtain your token through their portal.

US FCC 499-A
FCC 499-A Filer ID
OCN is a 4-character identifier
iConnectiv