Configuring policy profiles

Policy profiles specify how Pexip Infinity uses external policy and/or local policy to control its call policy and routing decisions.

Each policy profile can be used to:

  • control which types of data (e.g. service configuration, participant data, media location, participant avatars etc.) are managed via policy — either by external policy, or by local policy (where local policy is supported for that data type) or by both external and local policy
  • nominate the address of an external policy server to which the external policy API requests are sent
  • specify the local policy jinja2 script to be executed against the data (service configuration, participant and media location data types only).

You can configure Pexip Infinity to use both external and local policy depending on your requirements. When both external and local policy are enabled, external policy is applied first to retrieve the configuration data from the external system, and then local policy is applied to that retrieved data (which can then conditionally modify that data). See Using external and local policy to control Pexip Infinity behavior for more information.

Each system location is configured with a policy profile and that profile is then used by all of the Conferencing Nodes in that location whenever they need to retrieve configuration data. This means that you could use the same policy profile in all locations (and thus all Conferencing Nodes), or if required you can configure many different profiles with, for example, different local policy scripts or different external policy server URIs, and then assign different policy profiles to different system locations.

You must assign policy profiles to locations otherwise they will never be used. If you want to configure just one policy profile to be used globally you need to assign it to all of your locations.

When using external policy within a system location, you must ensure that each Conferencing Node in that location is able to reach the nominated policy server.

To configure policy profiles:

  1. Go to Call control > Policy profiles.
  2. Select Add Policy profile and then configure that profile. The options are:

    Option Description
    Name The name used to refer to this policy profile in the Pexip Infinity Administrator interface.
    Description An optional description of the policy profile.
    External policy server
    URL

    The URL of the policy server to use for all external policy API requests from this profile, for example https://policy.example.com/path.

    You can only configure one address URL per policy server.

    If the request is over HTTPS, Pexip Infinity must trust the certificate presented by the policy server.

    We strongly recommend that you use HTTPS (not HTTP) in production environments.

    Username

    Password

    Optional fields where you can specify the credentials required to access the external policy server.

    External policy requests support Basic Authentication and basic ASCII-encoded usernames and passwords.

    Avatar policy
    Use local avatar configuration When Use local avatar configuration is enabled, requests to fetch avatar images to represent directory contacts and conference participants are sent to the Avatar URL associated with the user configured within Pexip Infinity.
    Enable external avatar lookup

    If enabled, requests are sent to the external policy server to fetch avatar images to represent directory contacts and conference participants.

    If both Use local avatar configuration and Enable external avatar lookup are enabled, then the local avatar configuration takes precedence. However, if no matching user record is found, or the user record does not have a configured Avatar URL then a request is made to the external policy server instead. If there is an Avatar URL, and the request fails for any reason, Pexip Infinity will not fall back to external policy.

    Service configuration policy
    Enable external service configuration lookup If enabled, requests are sent to the external policy server to fetch service configuration data (VMRs, Virtual Receptions, Infinity Gateway calls etc).
    Apply local policy If enabled, the service configuration retrieved from the local database or an external policy server is processed by the local policy script (which may change the service configuration or cause the call to be rejected).
    Script

    Only applies if Apply local policy is selected.

    Enter a jinja2 script that takes the existing service configuration (if any) and optionally modifies or overrides the service settings.

    Participant policy
    Enable external participant lookup If enabled, requests are sent to the external policy server to allow some of the participant's properties to be overridden, or the call to be rejected.
    Apply local policy If enabled, the original participant's call properties or any override properties returned from external policy are processed by the local policy script (which may itself override the participant properties or cause the call to be rejected).
    Script

    Only applies if Apply local policy is selected.

    A Jinja2 script that takes the existing participant configuration and optionally overrides the participant settings

    Media location policy
    Enable external media location lookup If enabled, requests are sent to the external policy server to fetch the system location to use for media allocation.
    Apply local policy If enabled, the media location configuration retrieved from the local database or an external policy server is processed by the local policy script (which may change the media location configuration).
    Script

    Only applies if Apply local policy is selected.

    Enter a jinja2 script that takes the existing media location configuration and optionally modifies or overrides the location settings.

    Directory
    Enable external directory lookup If enabled, requests are sent to the external policy server to fetch directory information (that can be used by some Connect app clients to display a phonebook).
    Registration requests
    Enable external registration policy If enabled, requests are sent to the external policy server to determine whether a device alias is allowed to register to a Conferencing Node.
  3. Select Save.
  4. Go to Platform > Locations.
  5. Select each location in turn and specify the Policy profile that the Conferencing Nodes in that location should use when making policy decisions.