This module implements a mechanism via which clients can exchange a password for a secure token, improving security and streamlining future reconnections.

At the time of writing, the XEP that describes the FAST protocol is still working its way through the XSF standards process. You can view the FAST XEP proposal here.

This module depends on mod_sasl2.


Name Description Default
sasl2_fast_token_ttl Default token expiry (seconds) 86400*21 (21 days)
sasl2_fast_token_min_ttl Time before tokens are eligible for rotation (seconds) 86400 (1 day)

The sasl2_fast_token_ttl option determines the length of time a client can remain disconnected before being “logged out” and needing to authenticate with a password. Clients must perform at least one FAST authentication within this period to remain active.

The sasl2_fast_token_min_ttl option defines how long before a token will be rotated by the server. By default a token is rotated if it is older than 24 hours. This value should be less than sasl2_fast_token_ttl to prevent clients being logged out unexpectedly.


With the plugin installer in Prosody 0.12 you can use:

sudo prosodyctl install --server= mod_sasl2_fast

For earlier versions see the documentation for installing 3rd party modules