This module lets you test whether a set of credentials are valid, using Prosody’s configured authentication mechanism.

This is useful as an easy way to allow other (e.g. non-XMPP) applications to authenticate users using their XMPP credentials.


To test credentials, issue a simple GET request with HTTP basic auth:

GET /auth_check HTTP/1.1
Authorization: Basic <base64(jid:password)>

Prosody will return a 2xx code on success (user exists and credentials are correct), or 401 if the credentials are invalid. Any other code may be returned if there is a problem handling the request.

Example usage

Here follows some example usage using curl.

curl http://prosody.local:5280/auth_check -u


With the plugin installer in Prosody 0.12 you can use:

sudo prosodyctl install --server= mod_http_auth_check

For earlier versions see the documentation for installing 3rd party modules