Kolmisoft Wiki - User contributions [en]

Webhooks

2026-06-11T13:55:34Z

Admin: /* Call End Webhook */

MOR and M4 can send **outbound HTTP POST** requests to URLs you configure when certain events occur. There are two delivery formats:

* '''Query-string webhooks''' — HTTP POST with an '''empty body'''; event data is appended to your configured URL as query string parameters (Call End, Warning Balance).
* '''JSON webhooks''' — HTTP POST with a '''JSON body''' and <code>Content-Type: application/json</code> (Alerts).

 
== Overview ==

{| class="wikitable"
! Webhook type !! Product !! When it fires !! Request format
|-
| Call End || MOR || A completed call whose source device has a webhook URL || POST, empty body, query string
|-
| Warning Balance || MOR || User balance drops below the configured admin warning threshold || POST, empty body, URL built from template
|-
| Alert / Clear || MOR, M4 || An alert is raised or cleared, and the matching notify option is enabled || POST, JSON body
|}

 
== Call End Webhook ==

 
=== Configuration ===

* '''Per device:''' Device edit → Advanced → '''Webhook URL for Call End''' (field <code>webhook_url_for_call_end</code>).
* '''Default for new devices:''' SETTINGS → Default Device → same field.
* '''Legacy API write:''' [[MOR API]] [[MOR API device update]] parameter <code>webhook_url_for_call_end</code> (not included in hash). An empty value clears the URL.
* '''Legacy API read:''' [[MOR API device details get]] tag <code>webhook_url_for_call_end</code>.
* URL must start with <code>http://</code> or <code>https://</code>.

 
=== When it fires ===

* MOR checks for newly completed calls approximately every '''10 seconds'''.
* Only calls where the '''source device''' has a non-empty webhook URL are considered.
* Only calls with <code>calltime</code> within the last '''~2 hours''' are eligible.
* On first use, delivery starts from the current newest call — '''historical calls are not sent'''.
* After a restart, MOR resumes from the last successfully delivered call instead of skipping or re-sending older calls.

 
=== Request format ===

* '''Method:''' HTTP POST
* '''Body:''' empty
* '''Parameters:''' query string on the configured URL

If your base URL already contains query parameters (for example, <code>https://example.com/hook?api_key=secret</code>), MOR merges call parameters with <code>&</code> (single <code>?</code>). Parameter values are URL-encoded.

{| class="wikitable"
! Parameter !! Description
|-
| <code>user_id</code> || User id associated with the call
|-
| <code>device_id</code> || Source device id
|-
| <code>calltime</code> || Call date/time
|-
| <code>src</code> || Caller source
|-
| <code>dst</code> || Destination
|-
| <code>hangupcause</code> || Hangup cause code
|-
| <code>billsec</code> || Billed seconds
|-
| <code>call_price</code> || Call price in the user's currency
|-
| <code>balance_at_the_end_of_call</code> || User balance in the user's currency at send time
|-
| <code>currency</code> || User currency code (for example <code>USD</code>, <code>EUR</code>)
|}

 
=== Examples ===

Bare base URL:

<code>http://192.168.1.142:8080/test?user_id=2&device_id=80&calltime=2026-06-11+10%3A00%3A00&src=101&dst=123123&hangupcause=16&billsec=50&call_price=5&balance_at_the_end_of_call=100&currency=USD</code>

Base URL with existing query parameter:

* Configured: <code>http://192.168.1.142:8080/test?api_key=mytoken</code>
* Sent: <code>http://192.168.1.142:8080/test?api_key=mytoken&user_id=2&device_id=80&...</code>

 
=== Limitations ===

* Only the '''source''' device webhook URL is used (not the destination device).
* Delivery is '''not real-time''' at hangup — expect up to ~10 seconds polling delay.
* Call-end and warning-balance webhooks are delivered through the same outbound notification pipeline.

 

# Wiki paste — Webhooks: URL encoding and calltime

**Status:** Section patch — insert on existing page **Webhooks** on wiki.kolmisoft.com.

**Page title:** `Webhooks`

**Verified links:** none required in this fragment (host page is Webhooks).

**Placement:** Under `== Call End Webhook ==`, after the parameter table in `=== Request format ===` and **before** `=== Examples ===`.

---

 
=== URL encoding (query parameters) ===

MOR sends call-end data as a query string on your configured URL. Each parameter '''name''' and '''value''' is URL-encoded so that reserved characters do not break the request.

'''Why you may see <code>%3A</code> and <code>%2B</code> in <code>calltime</code>''' 
The <code>calltime</code> value is an ISO 8601 date/time, for example <code>2026-06-11T13:36:03.000+00:00</code>. In a query string, characters such as colons and plus signs must be encoded:

{| class="wikitable"
! Encoded sequence !! Character !! Typical role in <code>calltime</code>
|-
| <code>%3A</code> || <code>:</code> || Separates hours, minutes, and seconds (for example <code>13%3A36%3A03</code>)
|-
| <code>%2B</code> || <code>+</code> || Starts a numeric UTC offset (for example <code>%2B00%3A00</code> for UTC)
|}

A full encoded <code>calltime</code> may look like:

<code>calltime=2026-06-11T13%3A36%3A03.000%2B00%3A00</code>

After URL decoding, that is the same instant as <code>2026-06-11T13:36:03.000+00:00</code>.

'''Decoding on your server''' 
Use your platform’s standard URL-decoding for query parameters (for example, <code>urllib.parse.parse_qs</code> in Python, <code>parse_str</code> / <code>urldecode</code> in PHP, or framework request helpers). Do not treat the raw query substring as a plain timestamp without decoding.

'''Why the plus sign is encoded''' 
In application/x-www-form-urlencoded query strings, an unencoded <code>+</code> is often interpreted as a space. Encoding <code>+</code> as <code>%2B</code> keeps the timezone offset intact.

'''UTC with a <code>Z</code> suffix (equivalent form)''' 
MOR sends <code>calltime</code> in ISO 8601 with a numeric timezone offset (for example <code>...+00:00</code>), which produces <code>%2B</code> in the encoded URL. The same UTC instant can also be written with a trailing <code>Z</code> (for example, <code>2025-11-04T22:52:23Z</code>). That form is shorter and would avoid <code>%2B</code>, but colons still encode as <code>%3A</code>:

<code>calltime=2025-11-04T22%3A52%3A23Z</code>

When decoding, treat <code>Z</code> and <code>+00:00</code> as the same UTC offset.

'''Other parameters''' 
The same encoding rules apply to all call-end query parameters (for example, <code>src</code>, <code>dst</code>, <code>currency</code>). Only values that contain reserved characters will show percent-escapes in the logged URL.

 

== Warning Balance Webhook ==

MOR-only. See [[Warning balance]] for the full feature (email, audio announcement, scheduling).

 
=== Configuration ===

On '''[[User Details]]''' (user edit), in the Warning Balance section:

* Enable '''Active''' for Warning Balance.
* Set '''Send warning when balance drops lower than''' thresholds (including the admin threshold that triggers the webhook).
* Check '''Admin Webhook''' and set the webhook URL on the same row (<code>http://</code> or <code>https://</code> required).
* The webhook is '''not tied to email''' — it can run with webhook only (Active enabled, threshold and URL set) even if email notifications are disabled.
* Admin Webhook fields are available from an admin or accountant account editing the user.

The URL is a '''template''': MOR substitutes [[Email variables]] into the URL the same way as email bodies (for example, <code>https://example.com/hook?user=<%= username %>&balance=<%= balance %></code>).

 
=== When it fires ===

* Fires when the same conditions that send the '''admin''' Warning Balance email are met (user balance below the admin warning threshold).
* Warning Balance checks run on an '''hourly''' schedule — delivery may lag briefly after the balance crosses the threshold.
* If '''Every day at''' is selected for Warning Balance email timing, the webhook follows that schedule as well (not on every balance change).

 
=== Request format ===

* '''Method:''' HTTP POST
* '''Body:''' empty
* '''URL:''' rendered from the configured Admin Webhook URL template after variable substitution

Common variables include <code>username</code>, <code>balance</code>, <code>nice_balance</code>, <code>warning_email_balance</code>, <code>nice_warning_email_balance</code>, <code>currency</code>, and <code>user_id</code>. See [[Email variables]] for the full list.

 
=== Example ===

Configured URL:

<code>https://example.com/warning?user=<%= username %>&balance=<%= balance %>&currency=<%= currency %></code>

Sent request (POST to rendered URL, empty body):

<code>https://example.com/warning?user=john&balance=4.50&currency=USD</code>

 
== Alert Webhooks ==

When an alert is '''raised''' or '''cleared''', MOR/M4 can POST a JSON notification to every contact in the alert's notification group that has a non-empty '''Webhook URL'''.

 
=== MOR configuration ===

# Contacts — set '''Webhook URL''' per contact: '''ADDONS → Monitorings → Contacts''' ([[Alert Contacts]]).
# Groups — assign contacts to a group: '''ADDONS → Monitorings → Groups''' ([[Alert Groups]]).
# Alerts — on alert edit ([[Alerts]]):
#* '''Group to Notify''' — select the contact group.
#* '''Notify On Alert via Webhook''' — send webhook when the alert is raised.
#* '''Notify On Clear via Webhook''' — send webhook when the alert is cleared.

See [[Monitorings Addon]] and [[Alerts]] for alert parameters, clear rules, and examples.

 
=== M4 configuration ===

Same webhook payload as MOR. Configuration paths on M4:

# Contacts — set '''Webhook URL''' on each alert contact (see [[M4 Alerts]]).
# Alerts — under '''SECURITY → Alerts''' ([[M4 Alerts]]):
#* '''Group to Notify''' — select the contact group.
#* '''Notify On Alert via Webhook''' / '''Notify On Clear via Webhook''' — same options as MOR.

 
=== When it fires ===

* '''ALERT''' — when the alert condition is met and '''Notify On Alert via Webhook''' is enabled on that alert.
* '''CLEAR''' — when the alert clears and '''Notify On Clear via Webhook''' is enabled on that alert.
* One HTTP request is sent to '''each''' contact in the selected group whose '''Webhook URL''' is non-empty.
* Contact webhook URLs must start with <code>http://</code> or <code>https://</code>.

 
=== Request format ===

* '''Method:''' HTTP POST
* '''Content-Type:''' <code>application/json</code>
* '''Body:''' JSON object

{| class="wikitable"
! Field !! Description
|-
| <code>type</code> || Trigger type: <code>ALERT</code> or <code>CLEAR</code>
|-
| <code>group_id</code> || Alert group id
|-
| <code>alert_id</code> || Alert id
|-
| <code>alert_name</code> || Alert name
|-
| <code>object_id</code> || Id of the monitored object
|-
| <code>object_name</code> || Human-readable object name
|-
| <code>cause</code> || Alert parameter / cause (for example <code>CALLS TOTAL</code>)
|-
| <code>value</code> || Current measured value (number)
|-
| <code>count</code> || Data count (integer)
|-
| <code>timestamp</code> || Date/time when the alert or clear triggered (<code>YYYY-MM-DD HH:MM:SS</code>)
|}

 
=== Example payload ===

<pre>
{
"type": "ALERT",
"group_id": 12,
"alert_id": 42,
"alert_name": "Test",
"object_id": 123,
"object_name": "Example OP",
"cause": "CALLS TOTAL",
"value": 150.0,
"count": 150,
"timestamp": "2026-02-26 12:34:56"
}
</pre>

 
= See also =

* [[Alerts]] — MOR alert configuration and examples
* [[M4 Alerts]] — M4 alert configuration
* [[Warning balance]] — Warning Balance email, audio, and scheduling
* [[Alert Contacts]] — contact webhook URLs for MOR alerts
* [[Alert Groups]] — group contacts for alert notifications
* [[Email variables]] — template variables for Warning Balance webhook URLs
* [[MOR API device update]] — set <code>webhook_url_for_call_end</code> via API
* [[MOR API device details get]] — read <code>webhook_url_for_call_end</code>
* [[MOR API]] — legacy API overview

MOR API device update

2026-06-11T13:28:28Z

Admin: /* Usage */

=Description=


[[MOR API]] update existing Device from params.
 
=Usage=

* Call: /api/device_update
* Methods: POST, GET(if allowed, not recomended)
 
===Parameters===

Parameters which are '''included''' into hash:

* '''device''' - device_id. '''Required'''.
* '''authentication''' - 0 stands for "Dynamic (Username/Password)" Device Authentication, 1 stands for "IP Authentication:"
* '''username''' - sets value for Username if device Authentication value is Dynamic. 
* '''host''' - sets value for IP Address if device Authentication value is IP Authentication
* '''port''' - sets value for Port if device Authentication value is IP Authentication

'''Note that parameters are shown in the same order as they have to be when generating the hash. Last parameter in a row is API_Secret_Key'''
 
Parameters which are '''not included''' into hash:
* '''[[MOR API hash construction | hash]]''' - SHA1 hash constructed using '''parameters''' which are listed above. Note that parameters are shown in the same order as they have to be when generating the hash. Last parameter in a row is '''API_Secret_Key''' ([[MOR API hash construction | More described in Constructing hash]]). '''Required'''. 
* '''u''' - username for authentication. '''Required'''.
* '''new_location_id''' - location_id.

* '''callerid_number''' - number.
* '''callerid_name''' - name.

* '''trunk''' - 0 stand for "No", 1 stand for "Yes", 2 stands for "Yes with ANI".
* '''fax_email_add''' - email address to add.
* '''fax_email_delete''' - email address to delete.
* '''call_limit''' - call limit. Set 0 if you want unlimited sim. calls.
* '''inbound_call_limit''' - call limit. Set 0 if you want unlimited inbound calls.
* '''fromuser''' - sets value for Fromuser.
* '''password''' - sets value for Password if device Authentication value is Dynamic.
* '''call_timeout''' - max call duration (in seconds).
* '''extension''' - device extension. Allowed symbols: a-z0-9#*.
* '''pin''' - device PIN. Allowed symbols: 0-9 or empty parameter.
* '''hidden''' - for hiding and unhiding Devices. Allowed values: 0 - unhide, 1 - hide.
* '''language''' - sets value for language.

* '''allow_empty_callerid''' - if set to 1, allows to set empty callerid_number and/or callerid_name.
* '''comment''' - device comment to add or update.

* '''encryption''' - enable or disable encryption. Allowed values: 1 - yes, 0 - no.
* '''transport''' - allowed values: "'''udp'''", "'''tcp'''", "'''udp,tcp'''", "'''tcp,udp'''", "'''tls'''".

* '''hostname''' - set device hostname, will take effect only if authentication = 1 (IP authenticated device).
* '''device_balance_enabled''' - enable or disable device balance. Allowed values: 1 - enable, 0 - disable.
* '''balance''' - set device balance. Only numeric values.

* '''ringing_timeout''' - max ringing duration in seconds (minimum value is 10).
* '''callerid_control_by_dids''' - 1 - enable, 0 - disable. Only available when the device has DIDs and the CallerID Number field is empty.
* '''callerid_random_number_from_dids''' - 1 - enable, 0 - disable. Use a random DID assigned to this device for CallerID.
'''Note''' that there is a parameter '''callerid_control_by_dids''', so if you want to enable one of them, send the parameter only for one of them. You do not need to send one request to disable and another to enable.
* '''voicemail_email''' - VoiceMail email address. To read back email, password, timezone, and delete-after-send in one call, use [[MOR API device details get]] — response tags <code>voicemail_email</code>, <code>voicemail_password</code>, <code>voicemail_tz</code>, and <code>voicemail_delete</code> (password, timezone, and delete are GUI-only on update).
* '''description''' - updates device description field.
* '''progressinband''' - allowed values: "'''No'''", "'''Yes'''", "'''Never'''".

* '''emergency_callerid''' - number for Emergency callerID.
* '''emergency_callerid_pool_id''' - Id of Emergency CallerID Number Pool
* '''sendrpid''' - yes, no (SIP)
* '''t38_support''' - no, yes, fec, redundancy and none (SIP and FAX, same as GUI)
* '''сopy_legA_name_to_LegB_number''' - 0,1 (SIP)

* '''total_call_limit''' - one concurrent Call Limit (Outbound + Inbound). If the request uses call_limit and inbound_call_limit together with total_call_limit, then total_call_limit will be used.
* '''valid_cid_number_pool_id''' - Number Pool with valid CallerIDs.
* '''fake_number_pool_id''' - Random Number from Number Pool.
'''Note''': It should be taken into account that '''Use random Number when CallerID is invalid''' is not stored in the database. The option is '''on''' when both '''number_pools''' ('''valid_cid_number_pool_id''' and '''fake_number_pool_id''') are set. If they are not set, both '''number_pool''' parameters must be specified the first time to save the values. Other times, the parameters can be specified separately.
To disable the option '''Use random Number when CallerID is invalid''' it is required to send '''-1''' with parameters '''valid_cid_number_pool_id''' or '''fake_number_pool_id'''. 
Example: '''valid_cid_number_pool_id=-1'''.
* '''trunk_3cx''' - Enable 3CX option. This setting is meaningful only if the '''trunk''' parameter is set to 1 or 2.
* '''nat''' - available options "'''no'''", "'''force_rport,comedia'''" (which is "'''yes'''" in GUI), "'''force_rport'''", "'''comedia'''".
* '''qualify''' - 1 - enable, 0 - disable. Works only for SIP/PJSIP devices.
* '''qualify_timeout''' - value >= 500 in ms.
* '''qualify_frequency''' - value >= 10 in seconds. Works only for PJSIP devices.
* '''media_use_received_transport''' - Optional. Allowed values: <code>yes</code>, <code>no</code>. Works only when the device uses SIP with the PJSIP driver (<code>chan_pjsip</code>). When <code>yes</code>, Asterisk sets <code>media_use_received_transport</code> on the endpoint so the media transport from the received SDP offer is echoed in the answer (useful for DTLS-SRTP / [[WebRTC|WebRTC]] and some NAT scenarios). Invalid values are ignored; the column is unchanged. Not available on device_create — new devices inherit the Default Device template and TLS auto-default rules instead. Response field on [[MOR API device details get|device_details_get]]: <code>pjsip_endpoint_media_use_received_transport</code>.
* '''custom_sip_header''' - Custom SIP header for SIP devices. Format is <code>header: value</code> (example: <code>x-My-Custom-Header: my value</code>). An empty parameter clears the stored value. Maximum 255 characters. Read back with [[MOR API device details get]] tag <code>custom_sip_header</code>.
* '''webhook_url_for_call_end''' - Webhook URL for Call End notifications for this device. Must start with <code>http://</code> or <code>https://</code> when non-empty. Empty parameter clears the stored value. Applies to all device types. Read back with [[MOR API device details get]] tag <code>webhook_url_for_call_end</code>. See [[Webhooks]] for delivery format and trigger semantics.

 
'''Additional feature'''
 
If the API setting '''Allow Resellers to use Admin Localization Rules''' is enabled: Reseller is able to set a location inherited from Admin. '''new_location_id''' should be used as a parameter for location.
 

===Request===

HTML POST: http://<SERVER_IP>/billing/api/device_update?u=admin&device=2&new_location_id=7&hash=297dab8c386794b2e947d52affb8f576c643569e
 

===Returns===

'''Success'''

<page>
<status>
<success>Device successfully updated</success>
</status>
</page>
 
----
'''Errors'''

* <error>Incorrect hash</error> - Hash was not correct. Check API_Secret_Key and order or params while concatenating hash_string.
* <error>Access Denied</error> - access not allowed
* <error>Device was not found</error> - Device id incorrect or does not exist
* <error>Location was not found</error> - Location id incorrect or does not exist
* <error>Password is too short</error> - Password of device is too short
* <error>CallerID Control By DIDs was not updated because the device has callerID number</error>
* <error>CallerID Control By DIDs was not updated because the device is not assigned to any DID</error>
* <error>Wrong format of VoiceMail Email address</error>
* <error>Emergency CallerID was not updated. Number Pool was not found</error>
* <error>Emergency CallerID Number Pool was not updated. Emergency CallerID must be present</error>
* <error>Emergency CallerID Number Pool was not updated. Number Pool was not found</error>
 

==Examples==

Change Username/Password authenticated Device to IP authenticated Device:
http://<SERVER_IP>/billing/api/device_update?u=admin&device=51&authentication=1&host=192.168.5.20&port=5060&hash=XXXX

Set empty CallerID:
http://<SERVER_IP>/billing/api/device_update?u=admin&device=2&allow_empty_callerid=1&callerid_number=&hash=XXXX

=See also=

* [[MOR API]]

Warning balance

2026-06-11T13:25:21Z

Admin: /* From Admin Account */

= Description=

This function allows a number of actions to be taken when a user's balance drops lower than the set value.

You can edit '''Warning Balance''' in [[User Details]].

 
== From Admin Account ==

[[Image:Warning balance user edit.png]]
 

Check '''Active''' to activate this function.

Upon activation, the User, Admin, and Responsible Accountant will receive an email when the User's balance drops lower than the balance set in the fields after: '''Send warning when balance drops lower than'''.

Select when to send such an email and for whom:

* '''Only once when balance drops lower than''' – email will be sent only once when the balance drops lower than the defined value.
* '''Every day at''' – an email will be sent every day at a selected time (in the user's time zone) while the balance is lower than the defined value.

Additionally, you can play an audio message whenever the user makes a call if the balance drops below the setup Warning Balance.

Check '''Play before every call''' and select the audio file to play.

'''Play when balance drops lower than''' lets to set the balance limit for the above option.

Use this with caution - not many users will like this!

* '''Warning Balance Email''' – This Email is used as a primary email to send the Warning Balance email. If this email is empty '''Email''' in the Registration Address section is used.

* '''Admin Webhook''' – together with the Warning Balance email, a request is sent to the specified URL with data according to the URL config. Webhook URL: '''http://''' or '''https://''' required. The webhook is not tied to email. It can work without email. Just enable "Active", specify values and the Webhook URL.
** More info: [[Webhooks]]

 

== From Reseller Account ==

[[Image:Warning_balance_user_edit_from_reseller.png]]
 

Check '''Active''' to activate this function.

Upon activation, the User and Reseller will receive an email when the User's balance drops lower than the balance set in the fields after: '''Send warning when balance drops lower than'''.

Select when to send such an email and for whom:

* '''Only once when balance drops lower than''' – email will be sent only one time when balance drops lower than defined value.
* '''Every day at''' – email will be sent every day at a selected time (in user's time zone), while the balance is lower than defined value.

Additionally, you can play an audio message whenever the user makes a call if the balance drops below the setup Warning Balance.

Check '''Play before every call''' and select the audio file to play.

Use this with caution - not many users will like this!

* '''Warning Balance Email''' – This Email is used as a primary email to send the Warning Balance email. If this email is empty '''Email''' in the Registration Address section is used.

 

=Other notes=

*Emails are sent hourly that means that it might take some time for you to receive an email after the balance drops.

 

= See also =

* [[User Details]]

M4 Alerts

2026-06-11T13:24:50Z

Admin: /* Webhook notifications */

=Description=

Alerts is located under '''SECURITY -> Alerts'''

Alerts functionality is dedicated to taking action about your system issues that may cause a problem. For example, you may block a User, disable Origination/Termination Point or simply send a notification to a specified [[Alert Groups|Group]] of [[M4 Alert Contacts|Contacts]].
 
==Parameters==

You are able to follow these parameters:

* [[ASR/ACD|ASR]] – Answer-Seizure Ratio (percent)
* [[ASR/ACD|ACD]] – Average Call Duration (in seconds)
* PDD – Average Post Dial Delay. The time between punching in the last digit of a telephone number and receiving a ring or busy signal (in seconds)
* TTC (Time to Connect)(DURATION-BILLSEC) – Average time between receiving a ring signal and answer to the call (in seconds)
* BILLSEC – Sum of calls billsec (in seconds)
* TOTAL CALLS – Sum of all calls.
* ANSWERED CALLS – Sum of answered calls.
* NOT ANSWERED CALLS – Sum of not answered calls (FAILED, BUSY, NO ANSWER).
* SIMULTANEOUS CALLS – Number of simultaneous calls (only applies to users and providers).
* PRICE SUM – Sum of calls price (only applies to users and providers).
* HGC (ABSOLUTE) – Number of calls terminated with this [[M4 Hangupcause Codes|HGC]].
* HGC (PERCENT) – Percentage of calls terminated with this [[M4 Hangupcause Codes|HGC]].

And it is possible to take action for these types of M4 Objects or send a notification about it:
 

== Object Types ==

* [[M4 Users|Client]]
** All
** One Client (User)
* [[M4 Termination Points | Termination Points]]
** All Termination Points
** One Termination Point for a specific User
* [[M4 Origination Points | Origination Points]]
** All Origination Points
** One Origination Point for a specific User
* [[Directions and Destinations | Destinations]]
** One Destination by a prefix.
** Few Destinations by prefix and % sign. Eg. 93%, 3706%, and so on.
* [[Destinations Groups]]
 
==Primary and Secondary Object==

If the Primary Object is an Origination or Termination point, it is possible to select a Secondary Object. The secondary Object's Type can be only Destination or Destination Group. This allows selecting only a specific Destination or Destination Group for a particular Termination/Origination Point.
 
==User to Notify==

When the Object Type is a ''' Client''' you have the option to Notify User(s) by email.
An email goes to one of the preset email addresses:

* Usually email is sent to '''NOC email''' address.
* If '''NOC email''' address is not set, email is sent to '''Main email''' address.
* If '''Main email''' address is not set, email is sent to '''Billing email''' address.
* If '''Billing email''' address is not set, email is sent to '''Rates email''' address.
* If none of the NOC, Main, Billing, or Rates email is set, no Alert notification email will be sent.
 
=Settings=
 
==General==

[[File:M4_alerts_edit_general.png]]

* '''Alert Name''' – name of Alert.
* '''Primary Object''' - Primary Object to observe. All alerts must have a Primary Object.
* '''Object Type''' – select [[M4_Alerts#Object_Types|Object Type]] to observe for Primary Object.
* '''Object Name''' – specify name/prefix of Primary Object (fields depend on selected Object Type)
* '''Secondary Object''' - Secondary Object to observe. Only Available if Primary Object's Type is Termination Point or Origination Point. Secondary Object act as the Destination/Destination Group filter for the Primary Object.
* '''Object Type''' – select Object Type to observe for Secondary Object. Available types are Destination and Destination Group.
* '''Object Name''' – specify name/prefix of Secondary Object.
 
* '''Parameter''' – choose which parameter should be followed.
* '''Check last''' – the time period to check.
'''NOTE''': Object Type, Object Name, and Parameter cannot be changed once Alert is created.
* '''Ignore if Calls (in 1 h)''' <= – indicate calls sum when the system should ignore Alert if calls sum in one hour is less than written (if 0, Alert will not be ignored).
* '''Ignore if Calls (in 1 h)''' >= – indicate calls sum when the system should ignore Alert if calls sum one hour is more than written (if 0, Alert will not be ignored).
* '''Group to Notify''' – select [[Alert Groups|Group]] of [[Alert Contacts|Contacts]] who should be informed about Alert/clear.
* '''Notify to User''' – it is available only when the Alert object type is Client or Origination/Termination Point. Check if you want to notify the User on Alert. More information available [[M4_Alerts#User_to_Notify|here]].
 

==Alert==

[[File:M4_alerts_edit_alert.png]]

* '''Alert if <=''' - triggers the alert when the observed parameter drops below the given value.
* '''Alert if >=''' - triggers the alert when the observed parameter raises above the given value.
* '''Disable Primary Object''' - disables the observed primary object when an alert is triggered. NOT available for Destinations and Destination Group-type objects.
* '''Disable TP in Dial Peer''' - disables the selected Termination Point when an alert is triggered (only available when observing the Termination Point object). This option does not have any effect when "Disable Primary Object" is enabled.
*''' Routing Group''' - sets the provided Routing Group for the observed object (only available when observing [[M4 Origination Points | Origination Points]])
* '''Deactivate DP in RG:''' - deactivates selected [[M4 Dial Peers|Dial Peer]] in Origination Point's Routing Group (only available when observing [[M4 Origination Points | Origination Points]])
* '''Notify On Alert via Email''' - sends a notification email when an alert is triggered.
* '''Notify On Alert via Webhook''' - when set, the alert will send a webhook to all Contacts in Alert Group that have non-empty Webhook URL. More info [https://wiki.kolmisoft.com/index.php/M4_Alerts#Webhook_notifications here].

 

==Clear==

[[File:M4_alerts_edit_clear.png]]
 
* '''Disable Clear''' - disables clearing indefinitely. The changes triggered by the alert can be changed manually.
* '''Clear on Condition'''
** '''Clear if <=''' - clears the alert when the observed parameter drops below the given value.
** '''Clear if >=''' - clears the alert when the observed parameter rises above the given value.
*''' Clear on time basis'''
** '''Clear after''' - clears the alert after a given period of time. (The period is set once the alert is triggered)
** '''Clear on Date''' - clears the alert on the given date.
* '' 'Enable Primary Object''' - enables the Primary Object once the alert is cleared. Only available if '''Disable Primary Object''' is selected in the Alerts section.
* '''Enable TP in Dial Peer''' - enables Termination Point to be used again in the corresponding Dial Peer (only available when observing Termination Point object).
* '''Routing Group''' - sets the provided Routing Group for the observed object(only available when observing [[M4 Origination Points | Origination Points]])
* '''Activate DP in RG:''' - activates Dial Peer in Routing Group (the one disabled in '''Deactivate DP in RG:''' setting on Alert section). Only available when observing [[M4 Origination Points | Origination Points]].
* '''Notify On Clear via Email''' - sends a notification email when an alert is cleared.
* '''Notify On Clear via Webhook''' - when set, the alert will send a webhook to all Contacts in Alert Group that have non-empty Webhook URL. More info [https://wiki.kolmisoft.com/index.php/M4_Alerts#Webhook_notifications here].

 

= Webhook notifications =

When an alert is raised or cleared and options '''Notify On Alert via Webhook''' or '''Notify On Clear via Webhook''' in the Alert are enabled, a HTTP request will be sent to each Contact in the Alert Group that has '''Webhook''' URL set. The request uses HTTP POST with JSON payload (Content-Type: application/json).

JSON Payload:

* '''type''' - Alert trigger type, either "ALERT" or "CLEAR".
* '''group_id''' - Alert Group ID.
* '''alert_id''' - Alert ID.
* '''alert_name''' - Alert name.
* '''object_id''' - ID of checked Object.
* '''object_name''' - human-readable Object name.
* '''cause''' - Alert type.
* '''value''' - current value.
* '''count''' - data count.
* '''timestamp''' - timestamp when Alert/Clear triggered.

Example payload:

{
"type": "ALERT",
"group_id": 12,
"alert_id": 42,
"alert_name": "Test",
"object_id": 123,
"object_name": "Example OP",
"cause": "CALLS TOTAL",
"value": 150.0,
"count": 150,
"timestamp": "2026-02-26 12:34:56"
}

More info: [[Webhooks]]
 

=Examples=

===Block Termination Point for 1 hour if ACD during last 24h drops below 120 seconds===

Primary Object, Object Type: Termination Point

Object name: select a specific Termination Point

Parameter: ACD

Check Last: 24h

Ignore if Calls (in 24 h) <=: 50

Alert if ASR <=: 120

Disable Primary Object: checked

Disable Clear: unchecked

Clear on a time basis, Clear after 60 minutes

Enable Primary Object: checked

 

=See also=

* [[M4 Alert Contacts]]

Alerts

2026-06-11T13:24:32Z

Admin: /* Webhook notifications */

=Description=

Alerts functionality is dedicated to taking actions about your system issues which may cause a problem. You may block User, disable Provider, change LCR for User or simply send a notification to specified [[Alert Groups|Group]] of [[Alert Contacts|Contacts]].

You are able to follow these parameters:

* [[ASR/ACD|ASR]] – Answer-Seizure Ratio (percent)
* [[ASR/ACD|ACD]] – Average Call Duration (in seconds)
* PDD – Average Post Dial Delay. The time between punching in the last digit of a telephone number and receiving a ring or busy signal (in seconds)
* TTC (Time to Connect)(DURATION-BILLSEC) – Average time between receiving a ring signal and answer to the call (in seconds)
* BILLSEC – Sum of calls bilsec (in seconds)
* TOTAL CALLS – Sum of all calls.
* TOTAL OUTGOING CALLS – Sum of outgoing calls.
* ANSWERED CALLS – Sum of answered calls.
* NOT ANSWERED CALLS – Sum of not answered calls (FAILED, BUSY, NO ANSWER).
* SIMULTANEOUS CALLS – Number of simultaneous calls (only applies to users and providers).
* PRICE SUM – Sum of calls price (only applies to users and providers).
* HGC (absolute) – Sum of calls, which ended with a specific [[Hangupcause_Codes | Hangupcause code]]. The HGC has to be set in the ''HGC'' field (it appears once ''Parameter: HGC'' is chosen).
* HGC (percent) – Percent of calls, which ended with a specific [[Hangupcause_Codes | Hangupcause code]]. The HGC has to be set in the ''HGC'' field (it appears once ''Parameter: HGC'' is chosen).
* REGISTRATION - Device registration status (either registered or not).
And it is possible to make actions for these types of MOR Objects or send notification about it:

* [[Users]]
** All
** Postpaid
** Prepaid
** One User
* [[Providers]]
* [[Devices]]
* [[Directions and Destinations | Destinations]]
** One Destination by prefix.
** Few Destinations by prefix and % sign. Eg. 93%, 3706% and so on.
* [[Destinations Groups]]
* System
** Any call made will be assigned to System object (even unauthenticated calls). Useful for general System monitoring.
 

=Usage=

Go to '''ADDONS –> Monitorings –> Alerts'''
 
[[File:alerts_path.png]]
 
Here you can see list of all created Alerts and their main information like is Alert active? When it was Raised/Cleared last time? What value was at Alert/Clear...
 
[[File:alerts_list.png]]
 
Click on [[Image:icon_add.png]]'''Add new Alert''' link to create an Alert or click on [[image:icon_edit.png]] icon to change settings of existing Alert.
 
[[File:Mor_alerts_edit_4.png|right]]
 
'''General'''

* '''Name''' – Alert name.
* '''Object Type''' – select which Object you want to follow.
* '''Object Name''' – pecify name/prefix of Object.
* '''Parameter''' – choose which parameter should be followed.
* '''Alert Type''' – ABS means that absolute data values will be taken from specified time period.
'''NOTE''': Object Type, Object Name, Parameter, Alert Type cannot be changed once Alert is created.
* '''Ignore if Calls''' <= – indicate calls sum when system should ignore Alert if calls sum is less than written (if 0, Alert will not be ignored).
* '''Ignore if Calls''' >= – indicate calls sum when system should ignore Alert if calls sum is more than written (if 0, Alert will not be ignored).
* '''Group to Notify''' – select [[Alert Groups|Group]] of [[Alert Contacts|Contacts]] who should be informed about Alert/clear.
* '''Notify to User''' – it is available only when Alert object type is User or Device. Check if you want to notify User on Alert. 
'''Alert'''

* '''Alert if <=''' – indicate Parameter value when system should raise Alert if value is less than written.
* '''Alert if >=''' – indicate Parameter value when system should raise Alert if value is more than written.
* '''Disable Object''' – check if you want to disable selected Object on Alert.
* '''Disable Provider in LCR''' – indicate LCR where Provider should be disabled.
* '''LCR on Alert''' – select LCR which one should be used after Alert
* '''Notify On Alert via Email''' – check if you want that specified [[Alert Groups|Group]] will receive an email notifications about Alerts.
* '''Notify On Alert via Webhook''' – when set, the alert will send a webhook to all Contacts in Alert Group that have non-empty Webhook URL. More info [https://wiki.kolmisoft.com/index.php/Alerts#Webhook_notifications here].
 
'''Clear'''

* '''Disable Clear''' – when alert is raised, it will never be cleared.
* '''Clear on Condition'''
** '''Clear if <=''' – indicate Parameter value when system should Clear Alert if value is less than written.
** '''Clear if >=''' – indicate Parameter value when system should Clear Alert if value is more than written.
* '''Clear on time basis'''
** '''Clear after''' – indicate time value after which system should Clear Alert
** '''Clear on Date''' – indicate specific date and time when system should Clear Alert (After clear, selection will be reset)
* '''Enable Object''' – check if you want to enable selected(in Alert configuration) Object on Clear.
* '''Enable Provider in LCR''' – check if you want to enable selected(in Alert configuration) Provider on Clear.
* '''LCR on Clear''' – select LCR which one should be used after Clear.
* '''Notify On Clear via Email''' – check if you want that specified [[Alert Groups|Group]] will receive an email notifications about Clear.
* '''Notify On Alert via Webhook''' – when set, the alert will send a webhook to all Contacts in Alert Group that have non-empty Webhook URL. More info [https://wiki.kolmisoft.com/index.php/Alerts#Webhook_notifications here].

'''NOTE''' one of '''Clear on Condition''' options and both '''Clear on time basis''' options can be selected at one time. System will clear alert if at least one of conditions will be true, it means that alert will be cleared on condition which first will appear.
 
'''Period'''

You can select different time periods for each alert. This period defines time period which activity have to be checked.

Note: period has no effect when parameter SIMULTANEOUS CALLS is chosen.
 
'''Comment''' – additional notes.
 

= Webhook notifications =

When an alert is raised or cleared and options '''Notify On Alert via Webhook''' or '''Notify On Clear via Webhook''' in the Alert are enabled, a HTTP request will be sent to each Contact in the Alert Group that has '''Webhook''' URL set. The request uses HTTP POST with JSON payload (Content-Type: application/json).

JSON Payload:

* '''type''' - Alert trigger type, either "ALERT" or "CLEAR".
* '''group_id''' - Alert Group ID.
* '''alert_id''' - Alert ID.
* '''alert_name''' - Alert name.
* '''object_id''' - ID of checked Object.
* '''object_name''' - human-readable Object name.
* '''cause''' - Alert type.
* '''value''' - current value.
* '''count''' - data count.
* '''timestamp''' - timestamp when Alert/Clear triggered.

Example payload:

{
"type": "ALERT",
"group_id": 12,
"alert_id": 42,
"alert_name": "Test",
"object_id": 123,
"object_name": "Example OP",
"cause": "CALLS TOTAL",
"value": 150.0,
"count": 150,
"timestamp": "2026-02-26 12:34:56"
}

More info: [[Webhooks]]

 

= Alert vs Clear =

Example with CPU Load, just to demonstrate what an Alert is, what a Clear is, and their proper usage.

[[File:alert_graph.png]]

 

=Examples=

===Send notification and change LCR on Alert===

Parameter: TOTAL CALLS 
Object Type: User 
Object Name: Prepaid 
Alert if >=: 300 
Clear if <=: 200 
LCR on alert: secondary LCR 
LCR on clear: Restore Original 
Group to Notify: support group 
Notify on Alert via Email: checked 
Period: 1h 
 
This Alert monitors all Calls done by Prepaid Users. If a Prepaid User makes more than 300 Calls during one hour period, his LCR will be changed to secondary LCR and Email notification will be sent to every contact on support group.
 
If User's Call count drops below 200 calls during one hour period, his LCR will be restored to original LCR
 

===Block user when simultaneous calls are detected===

Parameter: SIMULTANEOUS CALLS 
Object Type: User 
Object Name: All 
Alert if >=: 2 
Group to Notify: administration 
Notify on Alert via Email: checked 
Disable Object: checked 
Disable Clear: checked 
 
This Alert monitors simultaneous calls done by all Users. If a User makes more than (or equal to) 2 simultaneous Calls to the same destination, his account will be suspended and Email notification will be sent to every contact on administration group.
 
This alert will no be cleared automatically and user will stay suspended even if no more simultaneous calls are present.
 

===Block user if it spends more than 50 EUR in 24h===

Parameter: PRICE SUM 
Object Type: User 
Object Name: All 
Alerf if >= 50 
Group to Notify: administration 
Notify on Alert via Email: checked 
Disable Object: checked 
Disable Clear: checked 
Check last: 24 h 
 

===Alerts triggered by other Alerts===

Administrators are able to create alerts that depend on other alerts. What that means is, that you are able to create an alert that is triggered by a set or a subset of other alerts.

'''Example:'''
* Alert 1 is triggered when a specific user's ACD drops below ten seconds.
* Alert 2 is triggered when a the same user's Device's ASR drops below 50%.
* Alert 3 is triggered when both Alert 1 and Alert 2 is triggered, so that the technicians are notified.

In order to set up such a chain of events, you should first create Alert 1 and Alert 2.

Then, you should set up Alert 3.
 
[[File:Alert_group_parameter.png‎]]
 
* Configure your alert as usual, but instead of a specific parameter choose GROUP.
* Then, add the alert dependencies using the shown interface.

 
[[File:Alert_group_alert.png‎]]
 
* Set a number of alerts, that, when reached will trigger the alert.

 
[[File:Alert_group_clear.png‎]]
 
* Finally set up a number of alerts that will clear your alert.

These alerts can also be nested, without worrying about circular-dependencies, '''MOR''' simply will not let you make them.

 
=See also=

* [[Alert Schedules]]
* [[Alert Groups]]
* [[Alert Contacts]]
* [[ASR/ACD]]
* [[How to resolve long PDD]]

M4 Switch Manual

2026-06-11T13:14:10Z

Admin: /* Reporting */

<html>
<div align="center">
<iframe width="640" height="360" src="https://www.youtube.com/embed/R6rje2SBOi8" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
</div>
</html>
 
<center>M4 is class 4 Softswitch with Billing and Routing with extended functionality, increased stability and professional support directly from the developers. It enables VoIP providers to offer wholesale/transit services.</center>
</div>
 

= General Info =

* [[M4 Switch | Introduction]]
* [[M4 Supported Business Models | Supported Business Models]]
* [https://www.kolmisoft.com/softswitches/class-4-softswitch Functionality]
* [[M4 System Architecture]]
* [[M4 Supported Codecs]]
* [[M4 Codec Transcoding]]
* [[M4 API | API]]
* [[M4 Admin Interface|Admin Interface]]
* [[M4 Video Demonstrations]]
* [[M4 Changelog]]
* [[M4 interconnection form]]

 

= Configuration =

* [[M4 Settings | Settings]]
* [[M4 Users | Users]]
* [[M4 Managers | Managers]]
* [[system.conf]]
* [[Performance Suggestions M4 | Performance Suggestions]]
* [[Destination Groups Policy]]
* [[M4 Caching]]
* [[M4 Media Bypass|Media Bypass]]
* [[M4 White-labeling | White-labeling]]
* [[M4 SIP Header Manipulation]]
** [[M4 RPID/PAI | RPID/PAI]]
* [[M4 Background Tasks]]
* [[M4 Servers]]
* [[M4 TLS]]

 

= Routing =

* [[M4 Routing Logic | Routing Logic]]
* [[M4 Regexp Examples|Regexp Examples]]
* [[M4 Source Transformation | Source Transformation]]
* [[M4 Destination Transformation | Destination Transformation]]
* [[M4 Routing Groups | Routing Groups (RG) ]]
* [[M4 Quality Routing | Quality Routing]]
* [[M4 Dial Peers | Dial Peers (DP) ]]
* [[M4_Directions_and_Destinations | Directions and Destinations]]
* [[M4_How_to_block_calls | How to block calls]]
* [[M4_Mobile_Number_Portability | Mobile Number Portability]]
* [[M4_Local_Number_Portability | Local Number Portability - US Jurisdictional Routing]]
* [[M4_Header_Transformation_Rules_Groups | M4 Header Transformation Rules Groups]]
* [[M4 TP Deviations]]
* [[M4 RTPEngine GeoIP]]

 

= Connection Points =

* [[M4_Connection_Points | Connection Points]]
** [[M4 Termination Points | Termination Points (TP) ]]
*** [[M4 TP Call Limit | TP Call Limit]]
** [[M4 Origination Points | Origination Points (OP) ]]
** [[M4 default device settings]]
** [[M4 disable Q.850 Reason header]]
 

= Billing =

* [[M4 Tariffs| Tariffs]]
* [[M4_Custom_Tariffs | Custom Tariffs]]
* [[M4_CDR_Disputes | CDR Disputes]]
* [[M4 EU Roaming Regulations | EU Roaming Regulations]] - Bill calls by CallerID/Source
* [[M4 Rates | Rates]]
** [[M4 Rate Notifications | Rate Notifications]]
** [[M4 Blocked Rates | Blocked Rates]]
 

= Accounting =

* [[M4 Payments | Payments]]
* [[M4 Customer Invoices| Customer Invoices]]
* [[M4 Supplier Invoices| Supplier Invoices]]
* [[M4_CDR_Rerating | CDR Rerating]]

 

=SIP Trunking Functionality=
* [[M4 Subscriptions|Subscriptions]]
** [[M4 Charge Plans|Charge Plans]]
* [[M4 Services|Services]]
** [[M4 DID Management|DIDs]]
*** [[M4 DIDs Import from CSV|DID Import from CSV]]
** [[M4 Flat-Rates|Flat-Rates]]
** [[M4 Custom Services|Custom Services]]
 

= Reporting =

* [[M4 Reports Examples | Reports Examples]]
* [[M4_Aggregates | Aggregates]]
* [[M4 Aggregates Auto Export | Aggregates Auto Export]]
* [[M4_Calls_by_Clients | Calls by Clients]]
** [[M4 Calls by Clients Detailed| Calls by Clients Detailed]]
* [[M4_Calls_List | Calls List]]
** [[M4 Call Info|Call Info]]
* [[M4_Quick_Stats | Quick Stats]]
* [[M4 Balance Report | Balance Report]]
* [[M4 Financial Status|Financial Status]]
* [[M4 Destination Groups Stats | Destination Groups Stats]]
* [[M4_Load_Stats | Load Stats]]
* [[M4_Calls_Dashboard | Calls Dashboard]]
* [[M4 Calls per Hour]]
* [[M4 Active Calls|Active Calls]]
** [[M4 Active Calls Graph]]
** [[M4 Active Calls Per Server]]
** [[M4 Active Calls Per User Originator Point]]
** [[M4_Terminator_Active_Calls| Terminator Active Calls]]
** [[M4 Active Calls Per User/Vendor Grouped By Destination Group]]
* [[M4 Hangup Cause | Hangup Cause Report]]
* [[M4 Number Pools Usage Report]]
* [[Webhooks]]

 

= Maintenance/Troubleshooting =

* [[M4 CDR Management | CDR Management]]
** [[M4 Automatic CDR Export | Automatic CDR Export]]
** [[M4 CDR Export Templates | CDR Export Templates]]
* [[M4 Hangupcause Codes | Hangupcause Codes]]
** [[M4 Disconnect Code Changes | Disconnect Code Changes]]
* [[M4 Disconnect Codes]]
* [[M4 Warning Balance | Warning Balance]]
* [[M4 Alerts | Alerts]]
* [[M4 Number Pools|Number Pools]]
* [[M4 Directions | Directions]]
* [[M4 Call Tracing | Call Tracing]]
* [[M4 Call Info | Call Info]]
* [[M4 under NAT]]
* [[M4 Email log]]
* [[Second Admin account]]
* [[OPTIONS packet sending]]
* [[M4 Block and Hide Connection Points]]

 

= Security =

* [[M4 Whitelisted IPs]]
* [[M4_Blocked_IPs | Block IPs]]
* [[M4_Blocked_Countries | Block Countries]]
* [[M4_Login_Failure_Report | Login_Failure_Report]]
* [[M4_Login_with_approved_IP%27s | Login with approved IP's]]
* [[Blocking SIP Scanners]]
* [[M4 Iptables Chains]]
* [[M4 two factor authentication]]
* [[How to set up SSL certificate with Let's Encrypt]]

 
= Addons =
* [[Automatic Tariff Import | Automatic Tariff Import]]
* [[M4 Mobile Number Portability|Mobile Number Portability]]
* Payment Gateway (includes [[M4 PayPal Addon| PayPal]] and [[M4 Stripe|Stripe]])
* [[M4_Inbound_DIDs|Inbound DIDs]] (includes [[M4_DID_Management|DIDs]], [[M4_Services|Services]], [[M4_Flat-Rates|Flat-Rates]] and [[M4_Subscriptions|Subscriptions]]).

 

= I Have a Problem =

* [[M4_Ports_which_should_be_opened | Ports which should be opened]]
* [[M4 Call Count Bigger That What We Can Process]]
* [[Sometimes users are blocked automatically]]
 

= User Portal =

* [[M4 User Dashboard | Dashboard]]
 

= Tutorials =

* [[M4 How to make first call | How to make first call]]
* [[M4 Execute External Script]]
* [[M4 Video Demonstrations]]

Webhooks

2026-06-11T13:12:55Z

Admin: Created page with "MOR and M4 can send **outbound HTTP POST** requests to URLs you configure when certain events occur. There are two delivery formats: * '''Query-string webhooks''' — HTTP POST with an '''empty body'''; event data is appended to your configured URL as query string parameters (Call End, Warning Balance). * '''JSON webhooks''' — HTTP POST with a '''JSON body''' and <code>Content-Type: application/json</code> (Alerts). == Overview == {| class="wikitable" ! Web..."

MOR and M4 can send **outbound HTTP POST** requests to URLs you configure when certain events occur. There are two delivery formats:

* '''Query-string webhooks''' — HTTP POST with an '''empty body'''; event data is appended to your configured URL as query string parameters (Call End, Warning Balance).
* '''JSON webhooks''' — HTTP POST with a '''JSON body''' and <code>Content-Type: application/json</code> (Alerts).

 
== Overview ==

{| class="wikitable"
! Webhook type !! Product !! When it fires !! Request format
|-
| Call End || MOR || A completed call whose source device has a webhook URL || POST, empty body, query string
|-
| Warning Balance || MOR || User balance drops below the configured admin warning threshold || POST, empty body, URL built from template
|-
| Alert / Clear || MOR, M4 || An alert is raised or cleared, and the matching notify option is enabled || POST, JSON body
|}

 
== Call End Webhook ==

 
=== Configuration ===

* '''Per device:''' Device edit → Advanced → '''Webhook URL for Call End''' (field <code>webhook_url_for_call_end</code>).
* '''Default for new devices:''' SETTINGS → Default Device → same field.
* '''Legacy API write:''' [[MOR API]] [[MOR API device update]] parameter <code>webhook_url_for_call_end</code> (not included in hash). An empty value clears the URL.
* '''Legacy API read:''' [[MOR API device details get]] tag <code>webhook_url_for_call_end</code>.
* URL must start with <code>http://</code> or <code>https://</code>.

 
=== When it fires ===

* MOR checks for newly completed calls approximately every '''10 seconds'''.
* Only calls where the '''source device''' has a non-empty webhook URL are considered.
* Only calls with <code>calltime</code> within the last '''~2 hours''' are eligible.
* On first use, delivery starts from the current newest call — '''historical calls are not sent'''.
* After a restart, MOR resumes from the last successfully delivered call instead of skipping or re-sending older calls.

 
=== Request format ===

* '''Method:''' HTTP POST
* '''Body:''' empty
* '''Parameters:''' query string on the configured URL

If your base URL already contains query parameters (for example, <code>https://example.com/hook?api_key=secret</code>), MOR merges call parameters with <code>&</code> (single <code>?</code>). Parameter values are URL-encoded.

{| class="wikitable"
! Parameter !! Description
|-
| <code>user_id</code> || User id associated with the call
|-
| <code>device_id</code> || Source device id
|-
| <code>calltime</code> || Call date/time
|-
| <code>src</code> || Caller source
|-
| <code>dst</code> || Destination
|-
| <code>hangupcause</code> || Hangup cause code
|-
| <code>billsec</code> || Billed seconds
|-
| <code>call_price</code> || Call price in the user's currency
|-
| <code>balance_at_the_end_of_call</code> || User balance in the user's currency at send time
|-
| <code>currency</code> || User currency code (for example <code>USD</code>, <code>EUR</code>)
|}

 
=== Examples ===

Bare base URL:

<code>http://192.168.1.142:8080/test?user_id=2&device_id=80&calltime=2026-06-11+10%3A00%3A00&src=101&dst=123123&hangupcause=16&billsec=50&call_price=5&balance_at_the_end_of_call=100&currency=USD</code>

Base URL with existing query parameter:

* Configured: <code>http://192.168.1.142:8080/test?api_key=mytoken</code>
* Sent: <code>http://192.168.1.142:8080/test?api_key=mytoken&user_id=2&device_id=80&...</code>

 
=== Limitations ===

* Only the '''source''' device webhook URL is used (not the destination device).
* Delivery is '''not real-time''' at hangup — expect up to ~10 seconds polling delay.
* Call-end and warning-balance webhooks are delivered through the same outbound notification pipeline.

 
== Warning Balance Webhook ==

MOR-only. See [[Warning balance]] for the full feature (email, audio announcement, scheduling).

 
=== Configuration ===

On '''[[User Details]]''' (user edit), in the Warning Balance section:

* Enable '''Active''' for Warning Balance.
* Set '''Send warning when balance drops lower than''' thresholds (including the admin threshold that triggers the webhook).
* Check '''Admin Webhook''' and set the webhook URL on the same row (<code>http://</code> or <code>https://</code> required).
* The webhook is '''not tied to email''' — it can run with webhook only (Active enabled, threshold and URL set) even if email notifications are disabled.
* Admin Webhook fields are available from an admin or accountant account editing the user.

The URL is a '''template''': MOR substitutes [[Email variables]] into the URL the same way as email bodies (for example, <code>https://example.com/hook?user=<%= username %>&balance=<%= balance %></code>).

 
=== When it fires ===

* Fires when the same conditions that send the '''admin''' Warning Balance email are met (user balance below the admin warning threshold).
* Warning Balance checks run on an '''hourly''' schedule — delivery may lag briefly after the balance crosses the threshold.
* If '''Every day at''' is selected for Warning Balance email timing, the webhook follows that schedule as well (not on every balance change).

 
=== Request format ===

* '''Method:''' HTTP POST
* '''Body:''' empty
* '''URL:''' rendered from the configured Admin Webhook URL template after variable substitution

Common variables include <code>username</code>, <code>balance</code>, <code>nice_balance</code>, <code>warning_email_balance</code>, <code>nice_warning_email_balance</code>, <code>currency</code>, and <code>user_id</code>. See [[Email variables]] for the full list.

 
=== Example ===

Configured URL:

<code>https://example.com/warning?user=<%= username %>&balance=<%= balance %>&currency=<%= currency %></code>

Sent request (POST to rendered URL, empty body):

<code>https://example.com/warning?user=john&balance=4.50&currency=USD</code>

 
== Alert Webhooks ==

When an alert is '''raised''' or '''cleared''', MOR/M4 can POST a JSON notification to every contact in the alert's notification group that has a non-empty '''Webhook URL'''.

 
=== MOR configuration ===

# Contacts — set '''Webhook URL''' per contact: '''ADDONS → Monitorings → Contacts''' ([[Alert Contacts]]).
# Groups — assign contacts to a group: '''ADDONS → Monitorings → Groups''' ([[Alert Groups]]).
# Alerts — on alert edit ([[Alerts]]):
#* '''Group to Notify''' — select the contact group.
#* '''Notify On Alert via Webhook''' — send webhook when the alert is raised.
#* '''Notify On Clear via Webhook''' — send webhook when the alert is cleared.

See [[Monitorings Addon]] and [[Alerts]] for alert parameters, clear rules, and examples.

 
=== M4 configuration ===

Same webhook payload as MOR. Configuration paths on M4:

# Contacts — set '''Webhook URL''' on each alert contact (see [[M4 Alerts]]).
# Alerts — under '''SECURITY → Alerts''' ([[M4 Alerts]]):
#* '''Group to Notify''' — select the contact group.
#* '''Notify On Alert via Webhook''' / '''Notify On Clear via Webhook''' — same options as MOR.

 
=== When it fires ===

* '''ALERT''' — when the alert condition is met and '''Notify On Alert via Webhook''' is enabled on that alert.
* '''CLEAR''' — when the alert clears and '''Notify On Clear via Webhook''' is enabled on that alert.
* One HTTP request is sent to '''each''' contact in the selected group whose '''Webhook URL''' is non-empty.
* Contact webhook URLs must start with <code>http://</code> or <code>https://</code>.

 
=== Request format ===

* '''Method:''' HTTP POST
* '''Content-Type:''' <code>application/json</code>
* '''Body:''' JSON object

{| class="wikitable"
! Field !! Description
|-
| <code>type</code> || Trigger type: <code>ALERT</code> or <code>CLEAR</code>
|-
| <code>group_id</code> || Alert group id
|-
| <code>alert_id</code> || Alert id
|-
| <code>alert_name</code> || Alert name
|-
| <code>object_id</code> || Id of the monitored object
|-
| <code>object_name</code> || Human-readable object name
|-
| <code>cause</code> || Alert parameter / cause (for example <code>CALLS TOTAL</code>)
|-
| <code>value</code> || Current measured value (number)
|-
| <code>count</code> || Data count (integer)
|-
| <code>timestamp</code> || Date/time when the alert or clear triggered (<code>YYYY-MM-DD HH:MM:SS</code>)
|}

 
=== Example payload ===

<pre>
{
"type": "ALERT",
"group_id": 12,
"alert_id": 42,
"alert_name": "Test",
"object_id": 123,
"object_name": "Example OP",
"cause": "CALLS TOTAL",
"value": 150.0,
"count": 150,
"timestamp": "2026-02-26 12:34:56"
}
</pre>

 
= See also =

* [[Alerts]] — MOR alert configuration and examples
* [[M4 Alerts]] — M4 alert configuration
* [[Warning balance]] — Warning Balance email, audio, and scheduling
* [[Alert Contacts]] — contact webhook URLs for MOR alerts
* [[Alert Groups]] — group contacts for alert notifications
* [[Email variables]] — template variables for Warning Balance webhook URLs
* [[MOR API device update]] — set <code>webhook_url_for_call_end</code> via API
* [[MOR API device details get]] — read <code>webhook_url_for_call_end</code>
* [[MOR API]] — legacy API overview

MOR Manual

2026-06-11T13:12:05Z

Admin: /* Other functionality */

<html>
<div align="center">
<iframe width="640" height="360" src="https://www.youtube.com/embed/R65ufpHOz_g" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
</div>
</html>

<mkmeta>Detailed instructions how to use MOR Class 5 Softswitch</mkmeta>
<div align="center">
 
<center>MOR is a Class 5 Softswitch with Billing and Routing with extended functionality, increased stability, and professional support directly from the developers. It enables VoIP providers to offer various services.</center>

</div>
 
= Introduction =
* [[Introduction]] [[Image:flag_esp.jpg|alt="flag"|link=|right|link=Introduction (es)]]
* [[Who is this product designed for]]
* [[MOR Functionality]]
* [[Supported Business Models]]
* [[MOR Admin Interface|Admin Interface]]
* [[How to make first call|How to make a first call]] [[Image:flag_rus.jpg|alt="flag"|link=|right|link=How to make first call (ru)]]
 

= Concepts/Definitions =
* [[MOR Terminology]]
* [[Billing Concepts]] [[Image:flag_rus.jpg|right|alt="flag"|link=|link=Billing Concepts (ru)]]
* [[Billing Logic]]
* [[Call explained]]
* [[E.164]]
* [[Rounding]]
* [[Multi-Tax system]]
* [[What is a PIN?]]
* [[ASR/ACD]]
* [[Margin and Markup]]
* [[What are callgroups and pickupgroups|What are callgroups and pickupgroups?]]
* [[Balance and Credit]]
* [[Local Calls]]
* [[Prepaid Logic]]
* [[Authentication]]
* [[Fax over VoIP]]

 

= Configuration =
* [[mor.conf]]
* [[Performance Suggestions]]
* [[Configuration from GUI]]
** [[reCAPTCHA]]
** [[Payments configuration]]
** [[Default device settings]]
** [[Default_user|Default user settings]]
** [[Accountant permissions]]
** [[Logo change]]
** [[Currencies]]
** [[Translations]]
** [[Global_date_format | Global date format]]
** [[Remove Manual link from admin GUI]]
* [[Voicemail]]
* [[Multi Server support]]
* [[MOR White-labeling|White-labeling]]
* Emails
** [[Configuration_from_GUI#Emails|Email settings]]
** [[Emails|Mass Emails]]
** [[Email variables]]
* [[WebRTC]]
* [[Time Zone list]]
* [[MOR SIP Header Transformations]]
* [[MOR STIR/SHAKEN]]
* [[PJSIP Codec negotiation]]

 

= [[MOR Number Manipulation | Number Manipulation]] =
* [[MOR Localization | Localization]]
** [[MOR Location Groups | Location Groups]]
* [[MOR Device Rules | Device Rules]]
** [[MOR Device Rule Groups | Device Rule Groups]]
* [[MOR Provider Rules | Provider Rules]]
* [[DID handling by Localization]]
* [[MOR Number Manipulation Examples | Number Manipulation Examples]]
* [[Block wrong short numbers with Localization]]
* [[MOR - LCR/Tariff change based on call prefix]]
* [[Prefix finder]]
* [[MOR Prelocalization]]

 

=[[Users]] =
* [[User Details]]
** [[Warning balance]]
** [[User Blocking]]
* [[Hide Users]]
* [[Why MOR does not allow to delete users|Why MOR does not allow users to be deleted]]
* [[How to create User and Device|How to create a User and Device]]
* [[MOR_forgot_user_password|How to reset lost GUI password]]
 

= [[Devices]] =
* [[Device settings]]
** [[H323 Device settings]]
** [[Extension lines]]
** [[Ring several devices at same time]]
** [[How to create User and Device|How to create a User and Device]]
** [[Allowed Addresses]]
* [[Devices Bulk Create]]
* [[Trunks]]
* [[CLIs (Incoming CallerIDs)]]
** [[ANI/CLI ban system]]
* [[Duplicate call prevention]]
* [[Allow loss calls]]
* [[Device groups]]
* [[Call Flow]]
* [[Which codecs should I choose for devices|Which codecs should I choose for devices?]]
**[[Change_Audio/Video_Codecs_priority| Codecs priority]]
* [[Authentication|How to configure IP Authentication for Device]]
* [[Registration_Status|Device registration status]]
* [[MOR Device Rules]]
* [[Feature Codes]]
* [[Hide Device Password]]
* [[Disallow duplicate device usernames]]
* [[Disallow users to change their email]]

 

= [[Providers]] =

(also known as terminators, suppliers, vendors or trunks)

* [[Terminators]]
* [[Provider with several IP|Provider with several IPs]]
* [[H323 Provider settings]]
* [[Provider with ANI]]
* [[Configure Provider which can make calls]]
* [[Configure Provider with dynamic IP]]
* [[Simultaneous call limitation]]
* [[NO ANSWER/BUSY interpretation for providers]]
* [[Provider_Deviations|Provider Deviations]]
* [[Provider AGI script]]
* Provider Configuration
** [[Net2phone configuration | Net2phone]]
** [[Broadvoice configuration | Broadvoice]]
** [[Eutelia]]
** [[IXC]]
** [[Configuring DIDWW | DIDWW]]
** [[Vitelity]]
** [[Vono]]
** [[How_to_add_Voicetrading_Provider|Voicetrading]]
** [[Portech GSM as Provider | Portech]]
** [[DID Logic]]
** [[Voxbeam]]

 

= [[Tariffs]] =
* [[Directions and Destinations]]
** [[Destinations Groups]]
** [[Destination Groups Policy]]
** [[Block some Destination to User|Block a Destination to a User]]
** [[Export and bulk import of unassigned destinations]]
* [[Day setup]]
* [[Bulk change Tariffs for Users]]
* [[Wholesale Tariff | Wholesale]]
** [[Entering Rates for Wholesale Tariff]]
** [[Rate import from CSV]]
** [[Blocked Rates]]
** [[CLI Groups - CLI Prefixes]]
* Retail
** [[Advanced Rates | Advanced (Retail) Rates]]
*** [[Entering Rates for Retail Tariff]]
*** [[Advanced Rates for Users| Advanced (Retail) Rates for Users]]
** [[Custom Rates]]
* [[Tariff Transformation]]
** [[Make Retail Tariff from Wholesale Tariff explained]]
* [[Why User can't check his Rates]]

 

= Call Routing =
* [[LCR]]
* [[LCR Logic]]
* [[How to add Provider to LCR]]
* [[Call Routing by price]]
* [[Call Routing by priority (Manual LCR)]]
* [[Call routing per destination basis]]
** [[How to route call to specific Destination through specific Provider]]
** [[How to block calls]]
** [[Blocked_Countries | How to block countries]]
** [[Block some Destination to User|Block a Destination to a User]]
* [[MOR - LCR/Tariff change based on call prefix]]
* [[Routing by Percent]] or Weight-based routing
* [[Why call was not routed through other provider/trunk?|Why was a call not routed through another provider/trunk?]]
* [[Intelligent Internal Routing]]
* Advanced [[extensions_mor_custom.conf]]

 

= DIDs =
* [[DID Management]]
** [[Assign DID to Trunk]]
* [[Work flow for DID]]
* [[DID Billing]]
** [[DID Billing Time explained]]
* [[DIDs Usage]]
* [[Personal DIDs]]
* [[Example - Configuring DID to ring some Device]]
* [[PBX Function External DID]]
* [[Ring-Groups]]
* [[DID with VoxBone using his URI]]
* [[Forward DID to External Number]]
* [[How to charge DID on a monthly basis]]
* [[DID handling by Localization]]
* [[DID Blocking]]
* [[Dial Plans]]
** [[Authorization by PIN]]
** [[Authorization by ANI]]
** [[Calling Card Dial Plan]]
** [[Callback Dial Plan]]
** [[IVR Dial Plan]]
** [[STATISTICS - Various - DIDs]]

 

= [[Accounting]] =
* [[Services]]
** [[Flat-Rates]]
* [[Subscriptions]]
* [[Invoices]]
** [[Invoice configuration]]
** [[Pay Invoice with balance deduction]]
** [[Invoice by CallerID]]
* [[Payments]]
* [[Vouchers]]

 

= Reporting =
* [[Active Calls]]
* [[Last Calls]]
* [[Local Calls Stats]]
* [[Users Calls]]
* [[Users Finances]]
* [[Loss Making Calls]]
* [[DIDs Report]]
* [[Providers Statistics]]
* [[Providers Calls]]
* [[Statement Of Account]]
* [[Aggregate]]
* [[First Activity]]
* [[Quick Stats]]
* [[Simultaneous Calls stats]]
* [[Calls by Source]]
* [[Login Stats]]
* [[Profit Stats]]
* [[Country Stats]]
* [[Hangup Cause Report]]
* [[Graphs]]
* [[Google Maps integration]]
** [[Get Google Maps key]]
* [[Balance in phone]]
* [[Privacy to hide Destination ends]]

 

= Troubleshooting =

* [[Frequently_Asked_Questions_(FAQ) | Frequently Asked Questions]]
* [[Action log]]
* [[Call Tracing]]
* [[Integrity Check]]
* [[Hangupcause Codes]]
** [[H323 hangupcause codes]]
** [[Hangupcause Sounds]]
** [[Different code send to User compared to received from Provider]]
* [[Call Info]]
** [[Call log explanation]]
* [[SIP debug info]]
* [[Provider connection testing]]
* [[Asterisk CLI]]
** [[Watch active calls/channels in Asterisk server from CLI]]
** [[Get Asterisk CLI output for specific call]]
* [[MOR's Core version]]
* [[Lots of calls made by System Admin user]]
* [[Renew Devices]]
* [[Email log]]
* [[MOR forward Q.850 Reason header]]
 

= Maintenance =

* [[How to restart Asterisk server]]
* [[Upgrade MOR GUI]]
* [[Lost MOR GUI admin password]]
* [[MOR Server Speedup]]
* [[Second Admin account]]
* [[Asterisk keepalive script]]

 

= Security =
* [[How to be secure using MOR]]
* [[MOR Change default passwords]]
* [[Blocking SIP Scanners]]
* [[MOR iptables Chains]]
* [[MOR two factor authentication]]
* [[How to set up SSL certificate with Let's Encrypt]]

 

= Testing =

* [[VoIP Bandwidth Calculator]]

 

= Payment gateways =

* [[Payment_Gateway_Addon | Payments Gateway Addon]]
 

= Other functionality =
* [[SIP Header Manipulation]]
* [[IVR system]]
** [[IVR for Calling Cards]]
** [[IVR Greeting for DID]]
* [[Callback]]
** [[WEB Callback]]
** [[Callback over Email]]
** [[MOR API callback init | API Callback_init]]
** [[Callback setup example]]
* [[PBX Functions]]
** [[Voicemail]]
** [[Dial Local]]
** [[PBX Function External DID|External DID]]
* [[Fax2Email]]
* [[Recordings Addon | Recordings]]
* [[PhoneBook]]
* [[Speed Dials]]
* [[Backup system]]
* [[Data import]]
* CDR
** [[CDR Import]]
** [[CDR Rerating]]
** [[CDR Disputes|CDR Disputes]]
* [[Online registration]]
** [[Online registration customization]]
* [[Quick Forwards]]
** [[Quickforwards rules]]
* [[Transfers with MOR]]
* [[GUI on Mobile Devices]]
* [[PBX connection to MOR]]
** [[MOR and Trixbox]]
* [[MOR API]]
** [[MOR API Permission Groups]]
** [[API Configuration]]
* [[Cron actions]]
* [[Webhooks]]

 

= [[MOR Addons|'''MOR Addons''']] =
* [[Limited Addons]]
* [[Automatic Tariff Import]]
* [[Auto-Dialer Addon]]
* [[Call Shop Addon]]
* [[Callback|Callback Addon]]
* [[Calling Cards Addon]]
* [[Mobile Number Portability Addon]]
* [[Monitorings Addon]]
** [[Spy_real-time_calls|Spy real-time calls]]
** [[Alerts]]
** [[Alert Groups]]
** [[Alert Schedules]]
** [[Dynamic Blacklist Functionality]]
* [[Payment Gateway Addon]]
* [[Recordings Addon]]
* [[Reseller Addon]]
* [[Reseller Pro Addon]]
* [[PBX_Functions_Addon | PBX Functions Addon]]

 

= Tutorials =
* [[Usual configuration sequence]]
** [[How to make first call]]
* [[How to create User and Device]]
* [[Dial Local | How to setup Dial Local function]]
* [[Calling Card setup example | How to setup Calling Cards]]
** [[How to setup Access Number to TopUp Card by CallerID]]
* [[Callback setup example | How to setup Callback]]
* [[Conference with MOR + Trixbox | How to setup Conferences using Trixbox]]
* [[How to forward the Call when Device is offline]]
* IVRs
** [[IVR for Calling Cards | How to setup IVR for Calling Cards]]
* DIDs
** [[Example - Configuring DID to ring some Device | How to configure DID to ring some Device]]
** [[Forward DID to External Number | How to forward DID to External Number]]
** [[How to charge DID on a monthly basis]]
** [[IVR Greeting for DID|How to add Greeting for DID]]
* [[How to configure 911 service]]
* [[Block some Destination to User | How to block a Destination to a User]]
* [[How to make several connections from one IP]]
* [[How to be secure using MOR]]
* [[How to change GUI port]]
* [[How to change qualify packets frequency]]
* [[MOR 10CC]]
* [[VitalPBX interconnection with MOR]]

 

= Old Manuals =
* [http://packets.kolmisoft.com/packets/docs/MOR_X4_Manual.pdf MOR X4 Manual]
* [http://packets.kolmisoft.com/packets/docs/MOR_X3_Manual.pdf MOR X3 Manual]
* [http://packets.kolmisoft.com/packets/docs/MOR_12_Manual.pdf MOR 12 Manual]
* [http://packets.kolmisoft.com/packets/docs/MOR_11_Manual.pdf MOR 11 Manual]
* [http://packets.kolmisoft.com/packets/docs/MOR_10_Manual.pdf MOR 10 Manual]
* [[Material for testing users]]

Alerts

2026-06-11T10:28:22Z

Admin: /* Alert vs Clear */

=Description=

Alerts functionality is dedicated to taking actions about your system issues which may cause a problem. You may block User, disable Provider, change LCR for User or simply send a notification to specified [[Alert Groups|Group]] of [[Alert Contacts|Contacts]].

You are able to follow these parameters:

* [[ASR/ACD|ASR]] – Answer-Seizure Ratio (percent)
* [[ASR/ACD|ACD]] – Average Call Duration (in seconds)
* PDD – Average Post Dial Delay. The time between punching in the last digit of a telephone number and receiving a ring or busy signal (in seconds)
* TTC (Time to Connect)(DURATION-BILLSEC) – Average time between receiving a ring signal and answer to the call (in seconds)
* BILLSEC – Sum of calls bilsec (in seconds)
* TOTAL CALLS – Sum of all calls.
* TOTAL OUTGOING CALLS – Sum of outgoing calls.
* ANSWERED CALLS – Sum of answered calls.
* NOT ANSWERED CALLS – Sum of not answered calls (FAILED, BUSY, NO ANSWER).
* SIMULTANEOUS CALLS – Number of simultaneous calls (only applies to users and providers).
* PRICE SUM – Sum of calls price (only applies to users and providers).
* HGC (absolute) – Sum of calls, which ended with a specific [[Hangupcause_Codes | Hangupcause code]]. The HGC has to be set in the ''HGC'' field (it appears once ''Parameter: HGC'' is chosen).
* HGC (percent) – Percent of calls, which ended with a specific [[Hangupcause_Codes | Hangupcause code]]. The HGC has to be set in the ''HGC'' field (it appears once ''Parameter: HGC'' is chosen).
* REGISTRATION - Device registration status (either registered or not).
And it is possible to make actions for these types of MOR Objects or send notification about it:

* [[Users]]
** All
** Postpaid
** Prepaid
** One User
* [[Providers]]
* [[Devices]]
* [[Directions and Destinations | Destinations]]
** One Destination by prefix.
** Few Destinations by prefix and % sign. Eg. 93%, 3706% and so on.
* [[Destinations Groups]]
* System
** Any call made will be assigned to System object (even unauthenticated calls). Useful for general System monitoring.
 

=Usage=

Go to '''ADDONS –> Monitorings –> Alerts'''
 
[[File:alerts_path.png]]
 
Here you can see list of all created Alerts and their main information like is Alert active? When it was Raised/Cleared last time? What value was at Alert/Clear...
 
[[File:alerts_list.png]]
 
Click on [[Image:icon_add.png]]'''Add new Alert''' link to create an Alert or click on [[image:icon_edit.png]] icon to change settings of existing Alert.
 
[[File:Mor_alerts_edit_4.png|right]]
 
'''General'''

* '''Name''' – Alert name.
* '''Object Type''' – select which Object you want to follow.
* '''Object Name''' – pecify name/prefix of Object.
* '''Parameter''' – choose which parameter should be followed.
* '''Alert Type''' – ABS means that absolute data values will be taken from specified time period.
'''NOTE''': Object Type, Object Name, Parameter, Alert Type cannot be changed once Alert is created.
* '''Ignore if Calls''' <= – indicate calls sum when system should ignore Alert if calls sum is less than written (if 0, Alert will not be ignored).
* '''Ignore if Calls''' >= – indicate calls sum when system should ignore Alert if calls sum is more than written (if 0, Alert will not be ignored).
* '''Group to Notify''' – select [[Alert Groups|Group]] of [[Alert Contacts|Contacts]] who should be informed about Alert/clear.
* '''Notify to User''' – it is available only when Alert object type is User or Device. Check if you want to notify User on Alert. 
'''Alert'''

* '''Alert if <=''' – indicate Parameter value when system should raise Alert if value is less than written.
* '''Alert if >=''' – indicate Parameter value when system should raise Alert if value is more than written.
* '''Disable Object''' – check if you want to disable selected Object on Alert.
* '''Disable Provider in LCR''' – indicate LCR where Provider should be disabled.
* '''LCR on Alert''' – select LCR which one should be used after Alert
* '''Notify On Alert via Email''' – check if you want that specified [[Alert Groups|Group]] will receive an email notifications about Alerts.
* '''Notify On Alert via Webhook''' – when set, the alert will send a webhook to all Contacts in Alert Group that have non-empty Webhook URL. More info [https://wiki.kolmisoft.com/index.php/Alerts#Webhook_notifications here].
 
'''Clear'''

* '''Disable Clear''' – when alert is raised, it will never be cleared.
* '''Clear on Condition'''
** '''Clear if <=''' – indicate Parameter value when system should Clear Alert if value is less than written.
** '''Clear if >=''' – indicate Parameter value when system should Clear Alert if value is more than written.
* '''Clear on time basis'''
** '''Clear after''' – indicate time value after which system should Clear Alert
** '''Clear on Date''' – indicate specific date and time when system should Clear Alert (After clear, selection will be reset)
* '''Enable Object''' – check if you want to enable selected(in Alert configuration) Object on Clear.
* '''Enable Provider in LCR''' – check if you want to enable selected(in Alert configuration) Provider on Clear.
* '''LCR on Clear''' – select LCR which one should be used after Clear.
* '''Notify On Clear via Email''' – check if you want that specified [[Alert Groups|Group]] will receive an email notifications about Clear.
* '''Notify On Alert via Webhook''' – when set, the alert will send a webhook to all Contacts in Alert Group that have non-empty Webhook URL. More info [https://wiki.kolmisoft.com/index.php/Alerts#Webhook_notifications here].

'''NOTE''' one of '''Clear on Condition''' options and both '''Clear on time basis''' options can be selected at one time. System will clear alert if at least one of conditions will be true, it means that alert will be cleared on condition which first will appear.
 
'''Period'''

You can select different time periods for each alert. This period defines time period which activity have to be checked.

Note: period has no effect when parameter SIMULTANEOUS CALLS is chosen.
 
'''Comment''' – additional notes.
 

= Webhook notifications =

When an alert is raised or cleared and options '''Notify On Alert via Webhook''' or '''Notify On Clear via Webhook''' in the Alert are enabled, a HTTP request will be sent to each Contact in the Alert Group that has '''Webhook''' URL set. The request uses HTTP POST with JSON payload (Content-Type: application/json).

JSON Payload:

* '''type''' - Alert trigger type, either "ALERT" or "CLEAR".
* '''group_id''' - Alert Group ID.
* '''alert_id''' - Alert ID.
* '''alert_name''' - Alert name.
* '''object_id''' - ID of checked Object.
* '''object_name''' - human-readable Object name.
* '''cause''' - Alert type.
* '''value''' - current value.
* '''count''' - data count.
* '''timestamp''' - timestamp when Alert/Clear triggered.

Example payload:

{
"type": "ALERT",
"group_id": 12,
"alert_id": 42,
"alert_name": "Test",
"object_id": 123,
"object_name": "Example OP",
"cause": "CALLS TOTAL",
"value": 150.0,
"count": 150,
"timestamp": "2026-02-26 12:34:56"
}

 
= Alert vs Clear =

Example with CPU Load, just to demonstrate what an Alert is, what a Clear is, and their proper usage.

[[File:alert_graph.png]]

 

=Examples=

===Send notification and change LCR on Alert===

Parameter: TOTAL CALLS 
Object Type: User 
Object Name: Prepaid 
Alert if >=: 300 
Clear if <=: 200 
LCR on alert: secondary LCR 
LCR on clear: Restore Original 
Group to Notify: support group 
Notify on Alert via Email: checked 
Period: 1h 
 
This Alert monitors all Calls done by Prepaid Users. If a Prepaid User makes more than 300 Calls during one hour period, his LCR will be changed to secondary LCR and Email notification will be sent to every contact on support group.
 
If User's Call count drops below 200 calls during one hour period, his LCR will be restored to original LCR
 

===Block user when simultaneous calls are detected===

Parameter: SIMULTANEOUS CALLS 
Object Type: User 
Object Name: All 
Alert if >=: 2 
Group to Notify: administration 
Notify on Alert via Email: checked 
Disable Object: checked 
Disable Clear: checked 
 
This Alert monitors simultaneous calls done by all Users. If a User makes more than (or equal to) 2 simultaneous Calls to the same destination, his account will be suspended and Email notification will be sent to every contact on administration group.
 
This alert will no be cleared automatically and user will stay suspended even if no more simultaneous calls are present.
 

===Block user if it spends more than 50 EUR in 24h===

Parameter: PRICE SUM 
Object Type: User 
Object Name: All 
Alerf if >= 50 
Group to Notify: administration 
Notify on Alert via Email: checked 
Disable Object: checked 
Disable Clear: checked 
Check last: 24 h 
 

===Alerts triggered by other Alerts===

Administrators are able to create alerts that depend on other alerts. What that means is, that you are able to create an alert that is triggered by a set or a subset of other alerts.

'''Example:'''
* Alert 1 is triggered when a specific user's ACD drops below ten seconds.
* Alert 2 is triggered when a the same user's Device's ASR drops below 50%.
* Alert 3 is triggered when both Alert 1 and Alert 2 is triggered, so that the technicians are notified.

In order to set up such a chain of events, you should first create Alert 1 and Alert 2.

Then, you should set up Alert 3.
 
[[File:Alert_group_parameter.png‎]]
 
* Configure your alert as usual, but instead of a specific parameter choose GROUP.
* Then, add the alert dependencies using the shown interface.

 
[[File:Alert_group_alert.png‎]]
 
* Set a number of alerts, that, when reached will trigger the alert.

 
[[File:Alert_group_clear.png‎]]
 
* Finally set up a number of alerts that will clear your alert.

These alerts can also be nested, without worrying about circular-dependencies, '''MOR''' simply will not let you make them.

 
=See also=

* [[Alert Schedules]]
* [[Alert Groups]]
* [[Alert Contacts]]
* [[ASR/ACD]]
* [[How to resolve long PDD]]

MOR API v2 tariff rates

2026-06-03T18:52:17Z

Admin: Created page with "Returns the complete rate table for a tariff — retail destination groups with time-banded prices, optional custom rates, or wholesale/provider flat rate rows. Not prefix rate lookup — that is MOR API v2 rates (<code>GET /rates</code>). Parity with legacy MOR API tariff rates get (<code>tariff_rates_get</code> / <code>get_tariff</code>). Retail behaviour matches the end-user GUI '''Rates''' screen (<code>/tariffs/user_rates</code>). Wholesale/provider behavio..."

Returns the complete rate table for a tariff — retail destination groups with time-banded prices, optional custom rates, or wholesale/provider flat rate rows. Not prefix rate lookup — that is [[MOR API v2 rates]] (<code>GET /rates</code>). Parity with legacy [[MOR API tariff rates get]] (<code>tariff_rates_get</code> / <code>get_tariff</code>).

Retail behaviour matches the end-user GUI '''Rates''' screen (<code>/tariffs/user_rates</code>). Wholesale/provider behaviour matches '''SETTINGS → Tariffs''' → open a tariff → '''Rates for tariff'''.

Simple portal users call without <code>tariff_id</code> or <code>user_id</code> to receive their own tariff. Admin, reseller, and accountant callers may pass <code>user_id</code> or <code>tariff_id</code> per the rules below. For <code>user</code> and <code>accountant</code> callers, <code>tariff_id</code> is ignored when <code>user_id</code> is omitted — the JWT user's tariff is returned (legacy parity).

All endpoints require a valid Bearer token (see [[MOR API v2]] authentication), user type '''admin''', '''reseller''', '''accountant''', or '''user''', and <code>v2_tariff_rates_index</code> (Read) on the user's [[MOR API Permission Groups|API permission group]] (section '''Tariffs''').

 
== Quick start ==

Obtain a token, then (portal retail user):

<pre>
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/billing/api/v2/tariff_rates?additional_retail_info=1"
</pre>

Wholesale or provider tariffs require pagination:

<pre>
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/billing/api/v2/tariff_rates?tariff_id=14&page=1&limit=100"
</pre>

 
== Endpoint ==

Base path: <code>{Web_Dir}/api/v2/tariff_rates</code> (for example <code>/billing/api/v2/tariff_rates</code>).

{| class="wikitable"
! Method !! Path !! Permission !! Description
|-
| GET || <code>/tariff_rates</code> || <code>v2_tariff_rates_index</code> || Full tariff rate export.
|}

 
== Query parameters ==

* <code>user_id</code> — optional. Load the tariff (and custom rates) for another user. Admin, reseller, and accountant use cases; portal users typically omit this.
* <code>tariff_id</code> — optional. Select a tariff by ID when the caller is admin or reseller (and not using <code>user_id</code> only). Ignored for <code>user</code> / <code>accountant</code> when <code>user_id</code> is blank.
* <code>additional_retail_info</code> — <code>0</code> or <code>1</code>; default <code>0</code>. When <code>1</code>, each retail/custom destination group includes nested destination <code>name</code> and <code>prefix</code> rows.
* <code>page</code> — required for wholesale/provider tariffs. 1-based page number.
* <code>limit</code> — required for wholesale/provider tariffs. Page size (maximum 500).

Retail and custom-rate responses are not paginated. Wholesale/provider responses without <code>page</code> and <code>limit</code> return '''422'''.

 
== Response shape ==

Top-level object: <code>{ "tariff_rates": { … } }</code>.

'''Retail (<code>purpose</code> <code>user</code>):''' <code>tariff_name</code>, <code>purpose</code>, <code>currency</code>, optional <code>custom_rates</code> (same structure), then <code>destinations</code> — each with <code>destination_group_name</code> and <code>rates</code> (duration, type, round_by, rate, start_time, end_time, daytype, from). When custom rates exist, custom groups are listed first; tariff groups already covered by custom rates are omitted. If the user has custom rates but no assigned tariff, the response may contain only <code>custom_rates</code> (HTTP '''200''').

'''Wholesale / provider:''' flat <code>rates</code> array (direction, destination, prefix, code, rate, connection_fee, increment, min_time, start_time, end_time, daytype, effective_from) plus <code>meta</code> with <code>page</code>, <code>limit</code>, <code>returned</code>, <code>total</code>.

Currency and time values follow legacy API conventions (system currency; time strings; wholesale <code>rate</code> / <code>connection_fee</code> formatted like legacy XML wholesale export).

 
== Example (retail fragment) ==

<pre>
{
"tariff_rates": {
"tariff_name": "My Tariff",
"purpose": "user",
"currency": "USD",
"destinations": [
{
"destination_group_name": "Lithuania",
"rates": [
{
"duration": "Infinity",
"type": "minute",
"round_by": "1",
"rate": "0.05",
"start_time": "00:00:00",
"end_time": "23:59:59",
"daytype": "WD",
"from": "0"
}
]
}
]
}
}
</pre>

 
== Errors ==

* '''401''' — Missing or invalid token, usertype not allowed, or API permission denied: <code>{ "errors": "Unauthorized" }</code> or <code>{ "errors": "API method not permitted: v2_tariff_rates_index" }</code>
* '''404''' — No tariff resolved: <code>{ "errors": "No tariff found" }</code>
* '''422''' — Wholesale/provider tariff without <code>page</code> and <code>limit</code>: <code>{ "errors": "page and limit are required for wholesale tariffs" }</code>

 
= See also =

* [[MOR API tariff rates get]] — legacy XML/hash full tariff export
* [[MOR API v2 rates]] — prefix rate lookup (<code>GET /rates</code>), not full tariff table
* [[MOR API Permission Groups]] — enable <code>v2_tariff_rates_index</code> for integrators

MOR API v2

2026-06-03T18:52:05Z

Admin: /* APIs */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=Usage=

Open the GUI using the MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) into the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token into the '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Account==
* [[MOR_API_v2_me|me]] - Read and update the authenticated user's profile (GET/PATCH /me)
 

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.

 
==Balance==
* [[MOR_API_v2_balance|balance]] - Show the authenticated user's prepaid balance (GET <code>/balance</code>).

 
==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.

 
==CDR Export==
* [[MOR_API_v2_cdr_export_templates|cdr_export_templates]] - List [[CDR Export Templates]] for the authenticated admin (read-only).
* [[MOR_API_v2_automatic_cdr_exports|automatic_cdr_exports]] - Manage scheduled automatic CDR export tasks: create, update, delete, and set active state (admin only).

 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
==Tariffs/Rates==
* [[MOR API v2 rates|rates]] - Look up call rates for a dialed prefix (GET <code>/rates</code>).
* [[MOR API v2 tariff rates|tariff_rates]] - Export the full tariff rate table (GET <code>/tariff_rates</code>).

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API v2 blocked_ips|blocked_ips]] - Manage [[MOR - Blocked IPs]].
* [[MOR API v2 whitelisted_ips|whitelisted_ips]] - Manage [[Whitelisted IPs]].
* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 

== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR API v2 rates

2026-06-03T18:16:48Z

Admin: Created page with "Look up call rates for a destination prefix. Default behaviour matches the MOR GUI '''STATS → Search''' screen (field label '''Enter Number to get Rate''') and legacy MOR API rate get when <code>by_full_dst=0</code> is used on the legacy API. Returns one or more rate rows for the authenticated user, or — for '''admin''', '''reseller''', and '''accountant''' callers — for another user named in <code>username</code>. Simple portal users omit <code>username</code..."

Look up call rates for a destination prefix. Default behaviour matches the MOR GUI '''STATS → Search''' screen (field label '''Enter Number to get Rate''') and legacy [[MOR API rate get]] when <code>by_full_dst=0</code> is used on the legacy API.

Returns one or more rate rows for the authenticated user, or — for '''admin''', '''reseller''', and '''accountant''' callers — for another user named in <code>username</code>. Simple portal users omit <code>username</code>; the JWT identity is used.

All endpoints require a valid Bearer token (see [[MOR API v2]] authentication), user type '''admin''', '''reseller''', '''accountant''', or '''user''', and <code>v2_rates_show</code> (Read) on the user's [[MOR API Permission Groups|API permission group]] (section '''Rates''').

Owner setting '''Allow devices to check rate over HTTP''' must be enabled in MOR or the API returns '''403''' with <code>{ "errors": "Feature disabled" }</code>. Simple users also need '''Show rates for users''' enabled or the API returns '''403''' with <code>{ "errors": "User cannot view rates" }</code>.

 
== Quick start ==

Obtain a token, then:

<pre>
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/billing/api/v2/rates?prefix=9320"
</pre>

Legacy single-match mode (same algorithm as [[MOR API rate get]] when <code>by_full_dst</code> is not set to full match):

<pre>
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/billing/api/v2/rates?prefix=9320&by_full_dst=0"
</pre>

 
== Endpoint ==

Base path: <code>{Web_Dir}/api/v2/rates</code> (for example <code>/billing/api/v2/rates</code>).

{| class="wikitable"
! Method !! Path !! Permission !! Description
|-
| GET || <code>/rates</code> || <code>v2_rates_show</code> || Rate lookup for a prefix.
|}

 
== Query parameters ==

* <code>prefix</code> — required. Dialed number prefix; non-digit characters are ignored. Maximum 20 digits after stripping.
* <code>username</code> — optional. Target MOR username for admin, reseller, or accountant lookups. Defaults to the JWT user when omitted (typical portal use).
* <code>by_full_dst</code> — <code>0</code> or <code>1</code>. When omitted, defaults to <code>1</code> (full destination match with active rate rows, GUI search parity). When <code>0</code>, legacy single-match algorithm (one row when found).

 
== Example responses ==

'''Success (200):'''

<pre>
{
"rates": [
{
"price": "0.987",
"destination_name": "Afghanistan Kabul",
"prefix": "9320",
"active": true
}
],
"meta": {
"prefix": "9320",
"by_full_dst": 1,
"username": "api_portal_user"
}
}
</pre>

Each <code>rates</code> item includes <code>price</code>, <code>destination_name</code>, <code>prefix</code>, and <code>active</code>. When <code>by_full_dst=1</code>, only rows with <code>active: true</code> are returned. The <code>meta</code> object echoes the normalized prefix, effective <code>by_full_dst</code> mode, and resolved <code>username</code>.

Prices use raw database values in the system default currency, not per-user GUI formatting.

 
== Errors ==

* '''401''' — Missing or invalid token, unsupported lookup target, or API permission denied. Examples: <code>{ "errors": "Unauthorized" }</code>, <code>{ "errors": "API method not permitted: v2_rates_show" }</code>, <code>{ "errors": "User was not found" }</code>, <code>{ "errors": "You are not authorized to view this page" }</code>
* '''403''' — Rate checking disabled in MOR settings, or end users cannot view rates: <code>{ "errors": "Feature disabled" }</code> or <code>{ "errors": "User cannot view rates" }</code>
* '''404''' — No matching rate or prefix: <code>{ "errors": "Rate was not found" }</code>, <code>{ "errors": "Prefix was not found" }</code>, or <code>{ "errors": "Destination Group was not found" }</code> (legacy single-match path)
* '''422''' — Empty or overlong prefix: <code>{ "errors": "Empty prefix" }</code> or <code>{ "errors": "Number cannot be longer than 20" }</code>

 
= See also =

* [[MOR API rate get]] — legacy XML/hash rate lookup
* [[MOR API Permission Groups]] — enable <code>v2_rates_show</code> for integrators

MOR API v2

2026-06-03T18:16:32Z

Admin: /* APIs */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=Usage=

Open the GUI using the MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) into the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token into the '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Account==
* [[MOR_API_v2_me|me]] - Read and update the authenticated user's profile (GET/PATCH /me)
 

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.

 
==Balance==
* [[MOR_API_v2_balance|balance]] - Show the authenticated user's prepaid balance (GET <code>/balance</code>).

 
==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.

 
==CDR Export==
* [[MOR_API_v2_cdr_export_templates|cdr_export_templates]] - List [[CDR Export Templates]] for the authenticated admin (read-only).
* [[MOR_API_v2_automatic_cdr_exports|automatic_cdr_exports]] - Manage scheduled automatic CDR export tasks: create, update, delete, and set active state (admin only).

 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
==Rates==
* [[MOR API v2 rates|rates]] - Look up call rates for a dialed prefix (GET <code>/rates</code>).

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API v2 blocked_ips|blocked_ips]] - Manage [[MOR - Blocked IPs]].
* [[MOR API v2 whitelisted_ips|whitelisted_ips]] - Manage [[Whitelisted IPs]].
* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 

== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR API v2 balance

2026-06-03T18:05:53Z

Admin: Created page with "Returns the prepaid balance of the user identified by the Bearer JWT (self-service only). The response uses the same balance conversion rules as legacy MOR API user balance get for the authenticated user — not for looking up other users by username or device. All endpoints require a valid Bearer token, user type '''admin''', '''reseller''', or '''user''', and <code>v2_balance_show</code> (Read) on the user's API permission group (sect..."

Returns the prepaid balance of the user identified by the Bearer JWT (self-service only). The response uses the same balance conversion rules as legacy [[MOR API user balance get]] for the authenticated user — not for looking up other users by username or device.

All endpoints require a valid Bearer token, user type '''admin''', '''reseller''', or '''user''', and <code>v2_balance_show</code> (Read) on the user's [[MOR API Permission Groups|API permission group]] (section '''Balance'''). Accountants cannot call this endpoint.

Owner setting '''Balance via API''' must be enabled in MOR (same as legacy balance API) or the API returns '''403''' with <code>{ "errors": "Feature disabled" }</code>.

 
== Quick start ==

Obtain a token (see [[MOR API v2]] authentication), then:

<pre>
# Balance in system default currency
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/api/v2/balance"

# Balance in the user's currency (includes currency field)
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/api/v2/balance?user_currency=1"
</pre>

 
== Endpoint ==

Base path: <code>{Web_Dir}/api/v2/balance</code> (for example <code>/billing/api/v2/balance</code>).

{| class="wikitable"
! Method !! Path !! Permission !! Description
|-
| GET || <code>/balance</code> || <code>v2_balance_show</code> || Current user's balance.
|}

 
== Query parameters ==

* <code>currency</code> — optional currency code; use <code>USER</code> for the user's currency; invalid or omitted values use the system default currency for conversion.
* <code>user_currency</code> — <code>0</code> or <code>1</code>; when <code>1</code>, convert to the user's currency and include a <code>currency</code> field in the JSON response.

 
== Example responses ==

'''Success (200) — system currency:'''

<pre>
{
"balance": "10.0"
}
</pre>

'''Success (200) — <code>user_currency=1</code>:'''

<pre>
{
"balance": "10.0",
"currency": "USD"
}
</pre>

The <code>balance</code> value is formatted with MOR's standard number formatting (same as the legacy balance API). Amounts use the system default currency in the database; conversion applies when <code>currency</code> or <code>user_currency</code> requests another currency.

 
== Errors ==

* '''401''' — Missing or invalid token, unsupported user type (for example, accountant), or API permission denied: <code>{ "errors": "Unauthorized" }</code> or <code>API method not permitted: v2_balance_show</code>
* '''403''' — Balance via API disabled in MOR settings: <code>{ "errors": "Feature disabled" }</code>

 
= See also =

* [[MOR API user balance get]] — legacy XML balance (hash authentication)
* [[MOR API v2 me]] — account profile including <code>balance_number</code> and <code>balance_currency</code>

MOR API v2

2026-06-03T18:01:40Z

Admin: /* APIs */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=Usage=

Open the GUI using the MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) into the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token into the '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Account==
* [[MOR_API_v2_me|me]] - Read and update the authenticated user's profile (GET/PATCH /me)
 

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.

 
==Balance==
* [[MOR_API_v2_balance|balance]] - Show the authenticated user's prepaid balance (GET <code>/balance</code>).

 
==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.

 
==CDR Export==
* [[MOR_API_v2_cdr_export_templates|cdr_export_templates]] - List [[CDR Export Templates]] for the authenticated admin (read-only).
* [[MOR_API_v2_automatic_cdr_exports|automatic_cdr_exports]] - Manage scheduled automatic CDR export tasks: create, update, delete, and set active state (admin only).

 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API v2 blocked_ips|blocked_ips]] - Manage [[MOR - Blocked IPs]].
* [[MOR API v2 whitelisted_ips|whitelisted_ips]] - Manage [[Whitelisted IPs]].
* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 

== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR API v2 me

2026-06-03T17:39:02Z

Admin: Created page with " = Account profile (<code>/me</code>) = Returns or updates the profile of the user identified by the Bearer JWT (self-service only — not for editing other users). ==== Authentication and permissions ==== * '''Bearer JWT''' (same as other MOR API v2 methods). * All user types may call when permitted. * Each call requires '''v2_me_show''' (GET) or '''v2_me_update''' (PATCH) on the user's API permission group. = Endpoints = Base path: <c..."

= Account profile (<code>/me</code>) =

Returns or updates the profile of the user identified by the Bearer JWT (self-service only — not for editing other users).

 
==== Authentication and permissions ====

* '''Bearer JWT''' (same as other [[MOR API v2]] methods).
* All user types may call when permitted.
* Each call requires '''v2_me_show''' (GET) or '''v2_me_update''' (PATCH) on the user's API permission group.

 
= Endpoints =

Base path: <code>{Web_Dir}/api/v2/me</code> (for example <code>/billing/api/v2/me</code>).

{| class="wikitable"
! Method !! Path !! ACL name !! Description
|-
| GET || <code>/me</code> || <code>v2_me_show</code> || Current user's profile (same fields as legacy [[MOR API user details get]] for the authenticated user).
|-
| PATCH || <code>/me</code> || <code>v2_me_update</code> || Update personal details (GUI '''Personal details''' parity; simple users allowed when settings permit).
|}

 
= GET response (200) =

<pre>
{
"me": {
"id": 123,
"username": "user1",
"usertype": "user",
"first_name": "Jane",
"last_name": "Doe",
"balance_number": "10.0",
"balance_currency": "USD",
"details_editing_allowed": true,
"email_editing_allowed": true,
"address": { "email": "jane@example.com", "city": "..." },
"invoices": { ... },
"warning_balance": { ... }
}
}
</pre>

Role-specific fields (tariff, PBX pool, accountant ID, etc.) appear only when the viewer's role allows (same rules as [[MOR API user details get]]).

 
= PATCH body =

Send '''application/json''' or form fields. Updatable fields match the GUI personal details:

* Names and company: <code>first_name</code>, <code>last_name</code>, <code>company_name</code>
* Address: nested <code>address</code> object or flat <code>address</code>, <code>city</code>, <code>postcode</code>, <code>email</code>, etc.
* <code>password</code> — must meet system password rules
* Invoice delivery flags: <code>simplified_pdf</code>, <code>simplified_csv</code>, and related invoice type toggles
* Warning balance: <code>warning_email_active</code>, <code>warning_balance_email</code>

Success: '''200''' with updated <code>me</code> object.

 
= Errors =

* '''403''' — Owner setting '''Disallow Details Editing''' blocks simple users: <code>{ "errors": "Details editing is disabled" }</code>
* '''422''' — Validation (password, address, email when email editing disabled, empty body, etc.)

 
= See also =

* [[MOR API user details get]] — legacy XML read (hash-based)
* [[MOR API v2#Authentication|Authentication]] — obtain Bearer token

MOR API v2

2026-06-03T17:36:23Z

Admin: /* APIs */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=Usage=

Open the GUI using the MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) into the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token into the '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Account==
* [[MOR_API_v2_me|me]] - Read and update the authenticated user's profile (GET/PATCH /me)
 

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.
 

==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.

 
==CDR Export==
* [[MOR_API_v2_cdr_export_templates|cdr_export_templates]] - List [[CDR Export Templates]] for the authenticated admin (read-only).
* [[MOR_API_v2_automatic_cdr_exports|automatic_cdr_exports]] - Manage scheduled automatic CDR export tasks: create, update, delete, and set active state (admin only).

 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API v2 blocked_ips|blocked_ips]] - Manage [[MOR - Blocked IPs]].
* [[MOR API v2 whitelisted_ips|whitelisted_ips]] - Manage [[Whitelisted IPs]].
* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 

== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR API device update

2026-06-03T07:37:34Z

Admin:

=Description=


[[MOR API]] update existing Device from params.
 
=Usage=

* Call: /api/device_update
* Methods: POST, GET(if allowed, not recomended)
 
===Parameters===

Parameters which are '''included''' into hash:

* '''device''' - device_id. '''Required'''.
* '''authentication''' - 0 stands for "Dynamic (Username/Password)" Device Authentication, 1 stands for "IP Authentication:"
* '''username''' - sets value for Username if device Authentication value is Dynamic. 
* '''host''' - sets value for IP Address if device Authentication value is IP Authentication
* '''port''' - sets value for Port if device Authentication value is IP Authentication

'''Note that parameters are shown in the same order as they have to be when generating the hash. Last parameter in a row is API_Secret_Key'''
 
Parameters which are '''not included''' into hash:
* '''[[MOR API hash construction | hash]]''' - SHA1 hash constructed using '''parameters''' which are listed above. Note that parameters are shown in the same order as they have to be when generating the hash. Last parameter in a row is '''API_Secret_Key''' ([[MOR API hash construction | More described in Constructing hash]]). '''Required'''. 
* '''u''' - username for authentication. '''Required'''.
* '''new_location_id''' - location_id.

* '''callerid_number''' - number.
* '''callerid_name''' - name.

* '''trunk''' - 0 stand for "No", 1 stand for "Yes", 2 stands for "Yes with ANI".
* '''fax_email_add''' - email address to add.
* '''fax_email_delete''' - email address to delete.
* '''call_limit''' - call limit. Set 0 if you want unlimited sim. calls.
* '''inbound_call_limit''' - call limit. Set 0 if you want unlimited inbound calls.
* '''fromuser''' - sets value for Fromuser.
* '''password''' - sets value for Password if device Authentication value is Dynamic.
* '''call_timeout''' - max call duration (in seconds).
* '''extension''' - device extension. Allowed symbols: a-z0-9#*.
* '''pin''' - device PIN. Allowed symbols: 0-9 or empty parameter.
* '''hidden''' - for hiding and unhiding Devices. Allowed values: 0 - unhide, 1 - hide.
* '''language''' - sets value for language.

* '''allow_empty_callerid''' - if set to 1, allows to set empty callerid_number and/or callerid_name.
* '''comment''' - device comment to add or update.

* '''encryption''' - enable or disable encryption. Allowed values: 1 - yes, 0 - no.
* '''transport''' - allowed values: "'''udp'''", "'''tcp'''", "'''udp,tcp'''", "'''tcp,udp'''", "'''tls'''".

* '''hostname''' - set device hostname, will take effect only if authentication = 1 (IP authenticated device).
* '''device_balance_enabled''' - enable or disable device balance. Allowed values: 1 - enable, 0 - disable.
* '''balance''' - set device balance. Only numeric values.

* '''ringing_timeout''' - max ringing duration in seconds (minimum value is 10).
* '''callerid_control_by_dids''' - 1 - enable, 0 - disable. Only available when the device has DIDs and the CallerID Number field is empty.
* '''callerid_random_number_from_dids''' - 1 - enable, 0 - disable. Use a random DID assigned to this device for CallerID.
'''Note''' that there is a parameter '''callerid_control_by_dids''', so if you want to enable one of them, send the parameter only for one of them. You do not need to send one request to disable and another to enable.
* '''voicemail_email''' - VoiceMail email address. To read back email, password, timezone, and delete-after-send in one call, use [[MOR API device details get]] — response tags <code>voicemail_email</code>, <code>voicemail_password</code>, <code>voicemail_tz</code>, and <code>voicemail_delete</code> (password, timezone, and delete are GUI-only on update).
* '''description''' - updates device description field.
* '''progressinband''' - allowed values: "'''No'''", "'''Yes'''", "'''Never'''".

* '''emergency_callerid''' - number for Emergency callerID.
* '''emergency_callerid_pool_id''' - Id of Emergency CallerID Number Pool
* '''sendrpid''' - yes, no (SIP)
* '''t38_support''' - no, yes, fec, redundancy and none (SIP and FAX, same as GUI)
* '''сopy_legA_name_to_LegB_number''' - 0,1 (SIP)

* '''total_call_limit''' - one concurrent Call Limit (Outbound + Inbound). If the request uses call_limit and inbound_call_limit together with total_call_limit, then total_call_limit will be used.
* '''valid_cid_number_pool_id''' - Number Pool with valid CallerIDs.
* '''fake_number_pool_id''' - Random Number from Number Pool.
'''Note''': It should be taken into account that '''Use random Number when CallerID is invalid''' is not stored in the database. The option is '''on''' when both '''number_pools''' ('''valid_cid_number_pool_id''' and '''fake_number_pool_id''') are set. If they are not set, both '''number_pool''' parameters must be specified the first time to save the values. Other times, the parameters can be specified separately.
To disable the option '''Use random Number when CallerID is invalid''' it is required to send '''-1''' with parameters '''valid_cid_number_pool_id''' or '''fake_number_pool_id'''. 
Example: '''valid_cid_number_pool_id=-1'''.
* '''trunk_3cx''' - Enable 3CX option. This setting is meaningful only if the '''trunk''' parameter is set to 1 or 2.
* '''nat''' - available options "'''no'''", "'''force_rport,comedia'''" (which is "'''yes'''" in GUI), "'''force_rport'''", "'''comedia'''".
* '''qualify''' - 1 - enable, 0 - disable. Works only for SIP/PJSIP devices.
* '''qualify_timeout''' - value >= 500 in ms.
* '''qualify_frequency''' - value >= 10 in seconds. Works only for PJSIP devices.
* '''media_use_received_transport''' - Optional. Allowed values: <code>yes</code>, <code>no</code>. Works only when the device uses SIP with the PJSIP driver (<code>chan_pjsip</code>). When <code>yes</code>, Asterisk sets <code>media_use_received_transport</code> on the endpoint so the media transport from the received SDP offer is echoed in the answer (useful for DTLS-SRTP / [[WebRTC|WebRTC]] and some NAT scenarios). Invalid values are ignored; the column is unchanged. Not available on device_create — new devices inherit the Default Device template and TLS auto-default rules instead. Response field on [[MOR API device details get|device_details_get]]: <code>pjsip_endpoint_media_use_received_transport</code>.
* '''custom_sip_header''' - Custom SIP header for SIP devices. Format is <code>header: value</code> (example: <code>x-My-Custom-Header: my value</code>). An empty parameter clears the stored value. Maximum 255 characters. Read back with [[MOR API device details get]] tag <code>custom_sip_header</code>.

 
'''Additional feature'''
 
If the API setting '''Allow Resellers to use Admin Localization Rules''' is enabled: Reseller is able to set a location inherited from Admin. '''new_location_id''' should be used as a parameter for location.
 

===Request===

HTML POST: http://<SERVER_IP>/billing/api/device_update?u=admin&device=2&new_location_id=7&hash=297dab8c386794b2e947d52affb8f576c643569e
 

===Returns===

'''Success'''

<page>
<status>
<success>Device successfully updated</success>
</status>
</page>
 
----
'''Errors'''

* <error>Incorrect hash</error> - Hash was not correct. Check API_Secret_Key and order or params while concatenating hash_string.
* <error>Access Denied</error> - access not allowed
* <error>Device was not found</error> - Device id incorrect or does not exist
* <error>Location was not found</error> - Location id incorrect or does not exist
* <error>Password is too short</error> - Password of device is too short
* <error>CallerID Control By DIDs was not updated because the device has callerID number</error>
* <error>CallerID Control By DIDs was not updated because the device is not assigned to any DID</error>
* <error>Wrong format of VoiceMail Email address</error>
* <error>Emergency CallerID was not updated. Number Pool was not found</error>
* <error>Emergency CallerID Number Pool was not updated. Emergency CallerID must be present</error>
* <error>Emergency CallerID Number Pool was not updated. Number Pool was not found</error>
 

==Examples==

Change Username/Password authenticated Device to IP authenticated Device:
http://<SERVER_IP>/billing/api/device_update?u=admin&device=51&authentication=1&host=192.168.5.20&port=5060&hash=XXXX

Set empty CallerID:
http://<SERVER_IP>/billing/api/device_update?u=admin&device=2&allow_empty_callerid=1&callerid_number=&hash=XXXX

=See also=

* [[MOR API]]

Automatic CDR Export

2026-06-03T06:26:37Z

Admin:

Automatic CDR Export allows you to create periodic tasks that run at a configured time with specific query parameters. Exported data will be archived and sent via Email to the user or a specific Email address.

==CDR Export Templates==

Automatic CDR Export requires to create at least one [[CDR_Export_Templates|CDR Export Template]] so be sure to create one before proceeding.

 
==Automatic CDR Export==

Automatic CDR export is configured in '''SETTINGS''' -> '''Billing''' -> '''CDR''' -> '''Export''' -> '''Automatic''':

[[File:Automatic cdr export menu.png]]

Here you will find a list of already configured Automatic CDR Exports:

[[File:Mor automatic cdr export list.png]]

In this list, you may active/deactive CDR export tasks, edit or delete existing tasks, and create new ones by pressing '''Add new Automatic CDR Export'''.

Note that '''Last run at''' and '''Next run at''' are shown in the timezone defined by the '''Time Zone''' setting.

 
==New Automatic CDR Export==

[[File:Automatic cdr export create.png]]

When creating a new Automatic CDR Export, you will see two sections: '''Query''' and '''Settings'''.

 
===Query section===

This section is very similar to the filters on the Last Calls page. You can set various filters for the CDR Export query. These filters work in the same way as they work in the Last Call page; therefore, you may test your query in the Last Calls page, and if you are happy with the result, set the same parameters in this Query section.

Note that date filters (From and Till) are missing. These filters depend on the CDR Export '''Repeat period''' and are described below.

 
===Settings section===

 
====Name====

The name is only for information purposes. This name is shown in the Automatic CDR Export list.

 
====Time Zone====

Time Zone is an important setting and should be set correctly depending on the situation. All other time-related settings will use this Time Zone.

For example, if you want to generate a daily CDR Export to your User who lives in a specific region, let’s say London, you should set the timezone to '''GMT (+00:00) London'''. This way, the user will get CDR data starting from 00:00:00 till 23:59:59 in the user’s timezone.

Server and User may be in different time zones; therefore, it is important to set the Time Zone to the User’s timezone if you intend to generate CDR for this User.

Another thing to consider is when you set '''Start CDR Export at''' setting (will be described later). This variable will also depend on the Time Zone setting. For example, maybe your server off-peer hours are 00:00:00 - 06:00:00, but in a selected time zone, off-peer hours may be different.

 
====Repeat period====

The repeat period defines how often CDR Export is executed and which period is used to retrieve data. For this reason, the Query section is missing the From and Till fields.

Note that this setting depends on the Time Zone variable.

 
=====Hourly=====

CDR export will be executed each hour. CDR data will correspond to the whole '''previous''' hour.

For example, if a CDR export was executed on 2016-11-11 10:00:00, the CDR will cover the period 2016-11-11 09:00:00 - 2016-11-11 09:59:59.

In other words, it will work as if you set From to 2016-11-11 09:00:00 and Till to 2016-11-11 09:59:59 in date filters.

 
=====Daily=====

CDR export will be executed each day. CDR data will correspond to the whole '''previous''' day.

For example, if a CDR export was executed on 2016-11-11 00:00:00, the CDR will cover the period from 2016-11-10 00:00:00 to 2016-11-10 23:59:59.

 
=====Weekly=====

CDR export will be executed each week. CDR data will correspond to the whole '''previous''' week.

For example, if a CDR export was executed on 2016-11-14 00:00:00 (Monday), the CDR will cover the period from 2016-11-07 00:00:00 (Monday) to 2016-11-13 23:59:59 (Sunday). The data period is always Monday - Sunday.

 
=====Bi-weekly=====

CDR export will be executed each twice a month. CDR data will correspond to either the 1-15 days of the month or the 16-end of the month.

For example, if a CDR export was executed on 2016-11-16 00:00:00, the CDR will cover the period from 2016-11-01 00:00:00 to 2016-11-15 23:59:59. If the CDR export was executed on 2016-12-01 00:00:00, then the CDR will be for the 2016-11-16 00:00:00 - 2016-11-30 23:59:59 period.

 
=====Monthly=====

CDR export will be executed each month. CDR data will correspond to the whole '''previous''' month.

For example, if a CDR export was executed on 2016-11-01 00:00:00, the CDR will cover the period from 2016-10-01 00:00:00 to 2016-10-31 23:59:59. The data period is always the first day of the month to the last day of the month (whole month).

If you choose a specific day of the month, for example, 15, then CDR will be generated for 2016-10-15 00:00:00 - 2016-11-14 23:59:59 and will be sent at 2016-11-15 00:00:00

*Example.
Today is the 15th of April.
If we choose the 14th or 15th day (Past or Today), then CDR will be generated only next month.
If we choose the 17th day (Future), then CDR will be generated for the previous month till 16th of April 23:59:59

 
=====Only once=====

CDR export will be executed on a specific date and time. Also, in the Query section, two additional filters will be displayed - From and Till. These filters allow you to specify a date period for the CDR Export query (in the selected time zone).

 
====Start CDR Export at====

If you have selected '''Daily''', '''Weekly''', '''Bi-weekly''' or '''Monthly''' periods, you may select specific hours when Automatic CDR export should be executed. This is useful because you may choose off-peak hours. Automatic CDR Export is executed only during a selected hour period.

If you have selected the '''Only once''' period, you must set the full date (day and hour). This is because '''Only once''' is not periodic and should have a specific date and time.

Things to consider:

* Choose off-peak hours, this will reduce load on the system;
* Be careful when midnight is selected (00:00) because the user may start a new Call just before midnight, and that Call may last for more than an hour. In this case, you may want to start CDR export a few hours after midnight so all users’ calls have time to finish.
* Hourly period may be inaccurate for the reason described above.

Note that this setting depends on the Time Zone variable.

 
====Template====

Select which [[CDR_Export_Templates|CDR Export Template]] to use.

 
====Filename Prefix====

Select a prefix for how the file name will start.

 
==== Archive extension====

Select extension type to archive: tgz, zip, or gzip

 
====Send CDR to====

Select who should receive CDR Export. It can be a user, a specific Email address, an FTP server, or an SFTP server. If User is selected, then the email address will be taken from the User's settings (make sure that the User has an email).

Also, make sure that email sending is configured correctly.

CDRs will be '''archived''' and sent to User/Email.

If the archive is sent successfully, the user should receive a success email, which can be customized in [[Email_variables#CDR_Export|Emails]] settings. CDR archive will be attached.

'''Note:''' archive size is limited to '''10MB'''! If the CDR archive is larger, it will not be sent via Email; instead, the user will receive an error Email.

'''Note:''' if ''' Custom Email''' option is used and you want to send CDRs to more than one email, please separate the emails with ''';''' sign.

'''FTP''' - Please fill FTP server details at [https://wiki.kolmisoft.com/index.php/Configuration_from_GUI#FTP FTP] tab.

'''SFTP''' - Please fill SFTP server details at [https://wiki.kolmisoft.com/index.php/Configuration_from_GUI#SFTP SFTP] tab.

 
==Next run at==

In the Automatic CDR Export list, you should see the '''Next run at''' column. This shows the date and time (in the selected Timezone) when the CDR export will be executed.

What happens when you create a new Automatic CDR Export? When will CDR Export be executed? It depends on the repeat period. New Automatic CDR Export is executed ''' on the next period'''. For example, if you have created an '''Hourly''' Automatic CDR Export on 2016-11-11 09:11:45, the first time the CDR Export is executed will be on 2016-11-11 10:00:00.

If you have created a '''Daily''' Automatic CDR Export on 2016-11-11 09:11:45, the first time the CDR Export is executed will be on 2016-11-12 00:00:00.

If you have created '''Monthly''' Automatic CDR Export on 2016-11-11 09:11:45, then the first time CDR Export is executed will be on 2016-12-01 00:00:00.

Of course, the hours may differ depending on Start CDR Export, but the idea is that CDR Export is executed in the next period, whether that is the next hour, day, week, or month.

 
==File names==

CDR Export output is a CSV file compressed in a tgz archive. Filename is based on dates, for example, if CDR Export was executed for the 2016-11-01 00:00:00 - 2016-11-30 23:59:59 period, then file names will be:

'''CSV filename:''' MOR_CDR_export_20161122_000000_20161122_235959.csv 
'''TGZ filename:''' MOR_CDR_export_20161122_000000_20161122_235959.tgz

 
==CDR Export and performance==

CDR Export is a resource-intensive task. Consider having as few Automatic CDR Export tasks as possible. Also, shorter Repeat periods have better performance.

It is advisable to set '''Start CDR Export at''' to off-peak hours. Also,''' Start CDR Export at''' allows to spread tasks across hours during the day.

 
==How old CDR Export tasks are handled==

There might be situations where the script responsible for CDR Export functionality has not been running for a long time. What happens to all CDRs that were supposed to be generated during that time when the script was not running? Only a single CDR for the latest period will be generated. This is done intentionally to prevent a large number of CDR Export tasks from running simultaneously.

For example, if the '''Monthly''' CDR Export tasks were created in January but the CDR Export script was not executed until November, then the CDR Export for January-September will be skipped. The script will generate the CDR Export for October and set '''Next run at''' to December.

This logic does not apply to the'''Only once''' period. All tasks with the'''Only once''' period will be executed.

 
= REST API =

You can list, create, update, enable/disable, and delete automatic export tasks with [[MOR API v2]] (<code>/api/v2/automatic_cdr_exports</code>). See [[MOR_API_v2_automatic_cdr_exports]] for permissions, request bodies, and scheduling notes. Templates are read-only at <code>/api/v2/cdr_export_templates</code> — see [[MOR_API_v2_cdr_export_templates]].

 
=See also=

* [[CDR_Export_Templates|CDR Export Templates]] 
* [[Email_variables#CDR_Export|Emails Templates variables]]

MOR API v2 automatic cdr exports

2026-06-03T06:12:21Z

Admin: Created page with "Configure scheduled CDR delivery tasks through MOR API v2. Behavior matches '''SETTINGS → CDR → Export → Automatic''' in the GUI (see Automatic CDR Export for field meanings). Choose a <code>template_id</code> from cdr_export_templates or the GUI. The API '''creates and updates''' export tasks and returns scheduling metadata (for example, <code>next_run_at</code>). It does '''not''' run an export immediately — the syst..."

Configure scheduled CDR delivery tasks through [[MOR API v2]]. Behavior matches '''SETTINGS → CDR → Export → Automatic''' in the GUI (see [[Automatic CDR Export]] for field meanings). Choose a <code>template_id</code> from [[MOR_API_v2_cdr_export_templates|cdr_export_templates]] or the GUI.

The API '''creates and updates''' export tasks and returns scheduling metadata (for example, <code>next_run_at</code>). It does '''not''' run an export immediately — the system scheduler delivers files when each task is due (same pipeline as the GUI).

All endpoints require a valid Bearer token, '''admin''' user type, and the matching <code>v2_automatic_cdr_exports_*</code> method on the user’s [[MOR API Permission Groups|API permission group]] (section '''CDR Export''').

 
=== Quick start ====

Obtain a token (see [[MOR API v2]] authentication), then:

<pre>
# Create a monthly automatic export for a wholesale user
curl -s -X POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
-d '{
"name": "Wholesale ACME monthly CDR",
"period": "monthly",
"timezone": "London",
"cdr_export_at_time": "02:00:00",
"monthly_export_day": 1,
"template_id": 5,
"send_cdr_to": "user",
"send_to_user_id": 123,
"query": { "s_user_id": 123, "s_call_type": "all" },
"filename_prefix": "ACME_",
"archive_extension": "tgz",
"active": true
}' \
"https://your-mor.example/api/v2/automatic_cdr_exports"

# Read back the created task (use id from the POST response)
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/api/v2/automatic_cdr_exports/42"
</pre>

 
=== Endpoints ====

{| class="wikitable"
! Method !! Path !! Permission !! Description
|-
| GET || <code>/automatic_cdr_exports</code> || <code>v2_automatic_cdr_exports_index</code> || List tasks. Query: <code>active</code> (0/1), <code>send_to_user_id</code>, <code>period</code>, <code>name</code> (partial match), <code>from</code>, <code>max_results</code>.
|-
| GET || <code>/automatic_cdr_exports/{id}</code> || <code>v2_automatic_cdr_exports_show</code> || Show one task.
|-
| POST || <code>/automatic_cdr_exports</code> || <code>v2_automatic_cdr_exports_create</code> || Create a task. JSON body (flat or nested <code>query</code> object). Returns <code>automatic_cdr_export</code> with <code>next_run_at</code>.
|-
| PUT / PATCH || <code>/automatic_cdr_exports/{id}</code> || <code>v2_automatic_cdr_exports_update</code> || Update settings (partial fields allowed on PATCH).
|-
| DELETE || <code>/automatic_cdr_exports/{id}</code> || <code>v2_automatic_cdr_exports_destroy</code> || Delete a task (empty body on success).
|-
| PATCH || <code>/automatic_cdr_exports/{id}/active</code> || <code>v2_automatic_cdr_exports_update_active</code> || Set active state explicitly: <code>{"active": true}</code> or <code>{"active": false}</code> (not a toggle).
|}

 
=== Request body ====

'''Settings:''' <code>name</code>, <code>active</code>, <code>period</code> (<code>hourly</code>, <code>daily</code>, <code>weekly</code>, <code>bi-weekly</code>, <code>monthly</code>, <code>only_once</code>), <code>timezone</code>, <code>cdr_export_at_time</code> (<code>HH:MM:SS</code>), <code>monthly_export_day</code>, <code>template_id</code>, <code>filename_prefix</code>, <code>archive_extension</code>.

For <code>only_once</code> also send <code>s_from</code>, <code>s_till</code>, and <code>cdr_export_at_datetime</code> (ISO 8601 datetimes).

'''Delivery (<code>send_cdr_to</code>):''' <code>user</code> (requires <code>send_to_user_id</code>), <code>email</code> (requires <code>send_to_email</code>), <code>ftp</code>, or <code>sftp</code>. FTP/SFTP delivery requires the corresponding server paths to be configured in MOR; the API accepts the task even when paths are missing — delivery may fail at runtime.

'''Call filters (<code>query</code> object):''' same fields as the GUI export query — for example <code>s_user_id</code>, <code>s_device</code>, <code>s_call_type</code>, <code>s_provider</code>, <code>s_destination</code>, <code>s_did_pattern</code>, <code>calls_from_users</code>, <code>calls_to_users</code>, <code>calls_via_dids</code>, and related options.

 
=== Example responses ====

'''Create (201):'''

<pre>
{
"automatic_cdr_export": {
"id": 42,
"name": "Wholesale ACME monthly CDR",
"active": 1,
"period": "monthly",
"timezone": "London",
"template_id": 5,
"template_name": "My template",
"send_cdr_to": "user",
"send_to_user_id": 123,
"next_run_at": "2026-07-01 02:00:00",
"last_run_at": "",
"cdr_export_at_time": "02:00:00",
"monthly_export_day": 1,
"query": { "s_user_id": 123, "s_call_type": "all" }
}
}
</pre>

'''Validation (422):'''

<pre>
{
"error": "Automatic CDR export was not created",
"details": {
"template_id": ["Template must be selected"]
}
}
</pre>

'''Not found (404):''' <code>{ "error": "Automatic CDR export was not found" }</code>

'''ACL denied (401):''' <code>{ "errors": "API method not permitted: v2_automatic_cdr_exports_create" }</code>

'''Unauthorized role (401):''' <code>{ "errors": "Unauthorized" }</code> — accountant and user types cannot call these endpoints.

 
= See also =

* [[Automatic CDR Export]] — GUI scheduling and delivery options
* [[MOR_API_v2_cdr_export_templates]] — read-only template list/show (<code>template_id</code>)
* [[CDR Export Templates]] — GUI column templates
* [[MOR API Permission Groups]] — <code>v2_automatic_cdr_exports_*</code> under '''CDR Export'''
* [[API Configuration]] — enable API and permission groups
* [[Authentication]] — obtain Bearer token for v2 calls

MOR API v2 cdr export templates

2026-06-03T06:11:41Z

Admin: Created page with "List and show CDR Export Templates through MOR API v2. Behavior matches '''SETTINGS → CDR → Export → Templates''' in the GUI (see CDR Export Templates for column meanings). Templates cannot be created or edited through this API — use the GUI for create/edit. All endpoints require a valid Bearer token, '''admin''' user type, and <code>v2_cdr_export_templates_index</code> or <code>v2_cdr_export_templates_show</code> on the user’s MOR API Permission..."

List and show [[CDR Export Templates]] through [[MOR API v2]]. Behavior matches '''SETTINGS → CDR → Export → Templates''' in the GUI (see [[CDR Export Templates]] for column meanings). Templates cannot be created or edited through this API — use the GUI for create/edit.

All endpoints require a valid Bearer token, '''admin''' user type, and <code>v2_cdr_export_templates_index</code> or <code>v2_cdr_export_templates_show</code> on the user’s [[MOR API Permission Groups|API permission group]] (section '''CDR Export''').

 
=== Quick start ====

Obtain a token (see [[MOR API v2]] authentication), then:

<pre>
# List CDR export templates (admin-owned templates with at least one column)
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/api/v2/cdr_export_templates"

# Show one template
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/api/v2/cdr_export_templates/5"
</pre>

 
=== Endpoints ====

{| class="wikitable"
! Method !! Path !! Permission !! Description
|-
| GET || <code>/cdr_export_templates</code> || <code>v2_cdr_export_templates_index</code> || List templates owned by the authenticated admin (non-empty column set only).
|-
| GET || <code>/cdr_export_templates/{id}</code> || <code>v2_cdr_export_templates_show</code> || Show one template (<code>id</code>, <code>name</code>, <code>columns</code>, <code>column_count</code>).
|}

 
=== Example responses ====

'''List (200):''' array of template objects with <code>id</code>, <code>name</code>, <code>columns</code>, <code>column_count</code>.

'''Not found (404):''' <code>{ "error": "CDR export template was not found" }</code>

'''ACL denied (401):''' <code>{ "errors": "API method not permitted: v2_cdr_export_templates_index" }</code>

'''Unauthorized role (401):''' <code>{ "errors": "Unauthorized" }</code> — accountant and user types cannot call these endpoints.

 
= See also =

* [[CDR Export Templates]] — GUI create/edit and column layout
* [[MOR_API_v2_automatic_cdr_exports]] — scheduled export tasks (uses <code>template_id</code>)
* [[MOR API Permission Groups]] — <code>v2_cdr_export_templates_*</code> under '''CDR Export'''
* [[API Configuration]] — enable API and permission groups
* [[Authentication]] — obtain Bearer token for v2 calls

MOR API v2

2026-06-03T06:02:58Z

Admin: /* APIs */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=Usage=

Open the GUI using the MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) into the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token into the '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.
 

==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.

 
==CDR Export==
* [[MOR_API_v2_cdr_export_templates|cdr_export_templates]] - List [[CDR Export Templates]] for the authenticated admin (read-only).
* [[MOR_API_v2_automatic_cdr_exports|automatic_cdr_exports]] - Manage scheduled automatic CDR export tasks: create, update, delete, and set active state (admin only).

 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API v2 blocked_ips|blocked_ips]] - Manage [[MOR - Blocked IPs]].
* [[MOR API v2 whitelisted_ips|whitelisted_ips]] - Manage [[Whitelisted IPs]].
* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 

== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

Whitelisted IPs

2026-06-03T05:34:05Z

Admin:

'''Whitelisted IPs''' can be used from '''Admin''' account and from '''Accountant''' account with Monitoring permissions enabled.

From the Admin account, go to '''SETTINGS -> Security -> Whitelisted IPs''' to manage Whitelisted IPs.

An IP can be whitelisted by entering valid input values and by clicking the '''Whitelist''' icon.

'''The range of IPs''' can be added in a format like '''192.168.0.1-5''', which would result in multiple entries being created (192.168.0.1, 192.168.0.2, 192.168.0.3, 192.168.0.4 and 192.168.0.5).

All the Whitelisted changes will be active in '''one minute after they have been applied.''' Country information (flag) can take up to one hour to appear.
 
[[File:mor_whitelist_ips_list.png]]
 
The Comment can be added to the Reason field. If the Reason is not specified, then it will be set to "MOR-WHITELIST-GUI".

If the country to which the IP belongs is blocked in [[Blocked Countries]], but the IP is added to '''Whitelisted IPs''', it means that the whole country is blocked except for the whitelisted IP.

'''Search''' functionality allows checking if the entered IP exists in the list.

Wildcard '''%''' is available to use in the search.

 
= Whitelisted IP format =
It is possible to block IPs in such a format:
* Single IP, for example, '''2.2.2.2'''
* Subnet in CIDR notation, for example, '''2.2.2.0/24'''. Please note that CIDR notation will be converted into the canonical format automatically. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
* IP range in format x.x.x.x-xx, for example '''2.2.2.1-125'''. Please note that all IPs in the range will be whitelisted as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.
 

 
= Allow API access =

Each entry on the '''Whitelisted IPs''' page can be marked '''Allow API access'''. This flag does '''not''' change whether the server accepts network traffic from that IP (GUI whitelist and IP-authenticated device rules work as before). It only controls whether that IP may use the [[MOR API]] and [[MOR API v2]] when '''Restrict API access by IP''' is turned on under [[Configuration from GUI]].

 
==== GUI whitelist (upper table) ====

The upper table lists IPs added through '''Whitelisted IPs''' (network whitelist managed from the GUI). For each row you can:

* Set '''Allow API access''' when adding a new IP (checkbox in the add row).
* Toggle '''Allow API access''' on '''active''' rows (checkbox in the list). The checkbox is not available while a row is still being applied or removed (grey “in progress” state — same as '''Remove''').
* Single IPs and CIDR prefixes (for example, <code>198.51.100.0/24</code>) are supported for API matching when the flag is enabled.

 
==== IP authenticated Device or Provider (lower table) ====

The lower table lists IPs taken from the'''IP authenticated Device or Provider''' configuration (devices or providers that authenticate by source IP). These are '''not''' the same as GUI whitelist rows, but you can grant them API access the same way:

* Use the '''Allow API access''' column to allow or deny API calls from that IP when '''Restrict API access by IP''' is enabled.
* Checking or clearing the box affects '''API access only'''. It does '''not''' add or remove the device’s IP-authentication or SIP whitelist rules on the server.

If the same IPv4 address appears in both tables, either entry with '''Allow API access''' enabled is sufficient for API calls when the restriction is in effect.

 
==== When restriction is enabled ====

With '''Restrict API access by IP''' enabled (see [[Configuration from GUI]]):

* Legacy XML API and [[MOR API v2]] requests are accepted only from client IPv4 addresses that match a row with '''Allow API access''' enabled (exact IP or CIDR).
* Rows that are still being whitelisted in the GUI (pending state) are treated as allowed for API purposes for a short time so you are not locked out while the server applies the change.
* If restriction is on and '''no''' row has '''Allow API access''' enabled, API calls are denied until you flag at least one IP on this page or in API settings.

The diagnostic endpoint '''GET /api/v2/ip_access/status''' (see [[MOR API v2]]) remains available to check an IP's block/whitelist status; it is not blocked by this restriction. Other API permissions (user ACL, Allow API globally, and so on) still apply.

Denied API calls from disallowed client IPs may be logged in the [[Action log]] (first deny per client IP within a short interval). Further repeated denials from the same IP are limited to reduce log noise.

 
= REST API =

You can list, create, update API access, and remove GUI whitelist rows with [[MOR API v2]] (<code>/api/v2/whitelisted_ips</code>). See [[MOR API v2#Whitelisted IPs (REST)]] for permissions, request bodies, and caller IP auto-ensure when '''Allow API access''' is enabled.

 
= See also =

* [[Blocked IPs]]
* [[How to block someone's IP]]
* [[How to block country IP]]
* [[How to add Fail2ban exception for my IP]]
* [[Monitorings Addon]]
* [[Configuration from GUI]] — '''Restrict API access by IP''' and '''Allow API globally'''
* [[MOR API]] — legacy XML API
* [[MOR API v2]] — REST API, including IP access status
* [[Monitorings Addon]] — block/whitelist monitoring features
* [[Blocked IPs]] — block list (separate from API allow flag)

MOR API v2 whitelisted ips

2026-06-03T05:27:48Z

Admin: Created page with "Manage GUI whitelist rows (not IP-authenticated device rows from <code>mor_ipauth_whitelist.txt</code>) via MOR API v2. Behaviour matches '''Security → Monitorings → Whitelisted IPs''' in the GUI: the same validation rules apply (single IP, CIDR, or range; up to about 125 addresses per range). Changes take up to about one minute to apply on servers. All endpoints require a valid Bearer token, accountant '''monitorings_manage''' (read for list, write for create/u..."

Manage GUI whitelist rows (not IP-authenticated device rows from <code>mor_ipauth_whitelist.txt</code>) via [[MOR API v2]]. Behaviour matches '''Security → Monitorings → Whitelisted IPs''' in the GUI: the same validation rules apply (single IP, CIDR, or range; up to about 125 addresses per range). Changes take up to about one minute to apply on servers.

All endpoints require a valid Bearer token, accountant '''monitorings_manage''' (read for list, write for create/update/delete), and the matching <code>v2_whitelisted_ips_*</code> API method permission.

These endpoints '''do not''' enforce '''Restrict API access by IP''' on themselves (so you can configure allow rules while restriction is on). Other v2 routes still enforce client IP when restriction is enabled.

 
==== Quick start ====

# List active and pending whitelist rows
curl -s -H "Authorization: Bearer $TOKEN" \
"https://your-mor.example/api/v2/whitelisted_ips?search_ip=203.0.113.&from=1&max_results=50"

# Whitelist a subnet and allow API access (auto-adds caller IP if needed)
curl -s -X POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
-d '{"ip":"198.51.100.0/24","server_id":1,"api_access_allowed":true}' \
"https://your-mor.example/api/v2/whitelisted_ips"

 
==== Endpoints ====

{| class="wikitable"
! Method !! Path !! Permission !! Description
|-
| GET || <code>/whitelisted_ips</code> || <code>v2_whitelisted_ips_index</code> || List rows. Query: <code>search_ip</code>, <code>search_reason</code> (SQL <code>LIKE</code>), <code>from</code>, <code>max_results</code>. Response includes <code>meta.caller_ip</code>.
|-
| POST || <code>/whitelisted_ips</code> || <code>v2_whitelisted_ips_create</code> || Add whitelist row(s). Body: <code>ip</code> (required), <code>server_id</code> or <code>"all"</code>, optional <code>reason</code> (default <code>MOR-WHITELIST-API</code>), <code>api_access_allowed</code> (default false). All IP×server pairs must validate or nothing is saved (422 + <code>failed[]</code>). When <code>api_access_allowed</code> is true, the server may auto-create a row for the API client IPv4 with reason <code>MOR-WHITELIST-API-AUTO</code> (<code>meta.caller_ip_ensured</code>).
|-
| PATCH || <code>/whitelisted_ips/{id}</code> || <code>v2_whitelisted_ips_update</code> || Set <code>api_access_allowed</code> on an '''active''' row (<code>unblock == 3</code>). Auto-ensure on enable matches POST.
|-
| DELETE || <code>/whitelisted_ips/{id}</code> || <code>v2_whitelisted_ips_destroy</code> || Remove an active row (pending remove). Pending add/remove rows return 422.
|}

 
==== JSON fields (list item) ====

* <code>id</code>, <code>ip</code>, <code>server_id</code>, <code>server_label</code>, <code>reason</code>
* <code>api_access_allowed</code> (boolean)
* <code>status</code>: <code>active</code>, <code>pending_add</code>, <code>pending_remove</code>

 
==== Client IP behind a proxy ====

Auto-ensure and <code>meta.caller_ip</code> use the Rails client IP (<code>request.remote_ip</code>). If MOR sits behind a reverse proxy, ensure the proxy forwards the real client address (for example <code>X-Forwarded-For</code>) so auto-ensure matches the integrator’s egress IP.

 
= See also =

* [[Whitelisted IPs]] — GUI and '''Allow API access'''
* [[Configuration from GUI]] — '''Restrict API access by IP'''
* [[MOR API v2]] — authentication and ACL
* [[Blocked IPs]] — block list (separate API)

MOR API v2

2026-06-03T05:27:17Z

Admin: /* Security */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=Usage=

Open the GUI using the MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) into the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token into the '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.
 

==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.
 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API v2 blocked_ips|blocked_ips]] - Manage [[MOR - Blocked IPs]].
* [[MOR API v2 whitelisted_ips|whitelisted_ips]] - Manage [[Whitelisted IPs]].
* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 

== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR - Blocked IPs

2026-06-02T18:16:21Z

Admin:

This page allows you to block IP addresses in the MOR's GUI.

'''Blocked IPs''' can be used from '''Admin''' account and from '''Accountant''' account with Monitoring permissions enabled. From Admin account, go to '''Security -> Blocked IPs''' to manage blocked IPs. An IP can be blocked by entering valid input values and by clicking the '''Block''' icon. The to-be-blocked IP '''must not''' be local or a current server IP. By clicking on the Unblock icon, an IP is unblocked. All the blocking/unblocking changes will be active in '''one minute after they have been applied.''' Country information (flag) can take up to one hour to appear.
 
[[File:Mor blocked ips list.png]]
 
When IP is blocked manually, the reason is: MOR-BLOCKED-IP-FROM-GUI. When IP is automatically blocked by MOR, the reason says: fail2ban-AST_CLI_Attack. Below you see an example of how it looks in the GUI:
 
[[File:Blocekd_IPs_example.png]]
 
Explanation of the values given in the '''Reason''' column can be found [[How_to_be_secure_using_MOR#Additional_software_to_increase_MOR_system_security|here]]. Reason "INPUT" means that IP was blocked manually by using these instructions: [[How to block someone%27s IP]]
 
Reasons why IP was not blocked: 
IP is incorrect or blank 
IP is already blocked for this server 
Cannot block server IP 
IP address is private 
IP address is local 

You can search blocked IP. Possible search by a single IP or for the range using wildcard ''%'', like in the example.
 
[[File:blocked_ips_search_mor.png]]
 
= Blocked IP format =
It is possible to block IPs in such a format:
* Single IP, for example, '''2.2.2.2'''
* Subnet in CIDR notation, for example, '''2.2.2.0/24'''. Please note that CIDR notation will be automatically converted to the canonical format. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
* IP range in format x.x.x-xx, for example '''2.2.2.1-125'''. Please note that all IPs in the range will be blocked as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.

 
= API automation =

You can list, block, and unblock the same rows using '''[[MOR API v2#Blocked IPs|MOR API v2 — Blocked IPs]]''' (<code>GET/POST/DELETE /api/v2/blocked_ips</code>). To '''check''' whether an IP is blocked or whitelisted without changing rows, use '''GET /api/v2/ip_access/status'''.

 

=See Also=

* [[How to block someone's IP with iptables]]
* [[How to block country IP]]
* [[How to add Fail2ban exception for my IP]]
* [[Whitelisted IPs]]

MOR API v2 blocked ips

2026-06-02T18:15:18Z

Admin: Created page with "These endpoints manage rows on '''MOR - Blocked IPs''' (block, list, show, unblock). They complement the read-only diagnostic '''GET /api/v2/ip_access/status''' (check whether an arbitrary IP is blocked or whitelisted). Changes apply on the server within about one minute (same iptables pipeline as the GUI). ==== Authentication and permissions ==== * '''Bearer JWT''' (same as other MOR API v2 methods). * User must be '''admin''' or '''accountant''' with..."

These endpoints manage rows on '''[[MOR - Blocked IPs]]''' (block, list, show, unblock). They complement the read-only diagnostic '''GET /api/v2/ip_access/status''' (check whether an arbitrary IP is blocked or whitelisted). Changes apply on the server within about one minute (same iptables pipeline as the GUI).

 
==== Authentication and permissions ====

* '''Bearer JWT''' (same as other [[MOR API v2]] methods).
* User must be '''admin''' or '''accountant''' with '''monitorings_manage''' (read for list/show; write for block/unblock).
* Each call also requires the matching '''v2_blocked_ips_*''' method on the user’s API permission group (see API settings in the GUI).
* When '''Restrict API access by IP''' is enabled, the '''client''' IP must be allowed on [[Whitelisted IPs]] (management endpoints are '''not''' exempt — unlike '''ip_access/status''').

 
==== Endpoints ====

Base path: <code>{Web_Dir}/api/v2/blocked_ips</code> (for example <code>/billing/api/v2/blocked_ips</code>).

{| class="wikitable"
! Method !! Path !! ACL name !! Description
|-
| GET || <code>/blocked_ips</code> || <code>v2_blocked_ips_index</code> || List blocked IPs (filters below).
|-
| GET || <code>/blocked_ips/{id}</code> || <code>v2_blocked_ips_show</code> || Show one row. Optional query fallback: <code>ip</code>, <code>server_id</code> when the numeric id is stale.
|-
| POST || <code>/blocked_ips</code> || <code>v2_blocked_ips_create</code> || Block IP(s). Body/query: <code>ip</code> (required), <code>server_id</code> (integer or <code>all</code>), <code>reason</code> (optional; default <code>MOR-BLOCKED-IP-FROM-API-V2</code>).
|-
| DELETE || <code>/blocked_ips/{id}</code> || <code>v2_blocked_ips_destroy</code> || Unblock (pending). Optional query fallback: <code>ip</code>, <code>server_id</code>.
|}

There is '''no''' UPDATE method (reason cannot be changed via API; matches the GUI).

 
==== List filters (GET /blocked_ips) ====

* <code>ip</code> — SQL LIKE on blocked address; <code>%</code> wildcard allowed.
* <code>reason</code> — SQL LIKE prefix on reason/chain.
* <code>server_id</code> — Restrict to one server.
* <code>from</code>, <code>max_results</code> — Pagination (same style as other v2 list APIs).

 
==== Input rules (POST) ====

Same rules as '''[[MOR - Blocked IPs]]''':

* Single IPv4, CIDR (canonicalized), or range <code>x.x.x-xx</code> (expanded to multiple rows).
* Cannot block private, local, or server IPs.
* Duplicate block on the same server returns an error for that IP (see response below).

 
==== Example responses ====

'''List (200):'''

<pre>
{
"blocked_ips": [
{
"id": 42,
"ip": "203.0.113.10",
"server_id": 1,
"server_label": "ID: 1, IP: 10.0.0.1",
"reason": "MOR-BLOCKED-IP-FROM-API-V2",
"country": "United States",
"status": "active",
"pending": false
}
],
"meta": { "from": 1, "max_results": 50, "returned": 1 }
}
</pre>

<code>status</code> is <code>active</code>, <code>block_pending</code>, or <code>unblock_pending</code> (grey rows in the GUI while iptables catches up).

'''Create (201):''' returns <code>blocked_ips</code> for rows accepted. If some parsed IPs fail validation, response is still '''201''' with <code>warnings</code> (each entry has <code>ip</code> and <code>error</code>).

'''Create (422):''' when input is empty, not parseable, or every IP was rejected — <code>errors</code> plus <code>warnings</code> when per-IP messages exist.

'''Unblock (200):''' <code>{ "status": "unblock_pending", "id": 42, "message": "…" }</code>

'''Not found (404):''' <code>{ "errors": "Blocked IP was not found" }</code>

'''ACL denied (403):''' <code>API method not permitted: v2_blocked_ips_*</code>

 
==== Quick start (curl) ====

Replace host, credentials, and JWT flow with your environment.

<pre>
# 1) Obtain JWT (example — use your deployment’s auth endpoint)
TOKEN="…"

# 2) List
curl -sS -H "Authorization: Bearer $TOKEN" \
"https://example.com/billing/api/v2/blocked_ips?max_results=10"

# 3) Block a public IP on server 1
curl -sS -X POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
-d '{"ip":"203.0.113.55","server_id":1,"reason":"SOAR-incident-42"}' \
"https://example.com/billing/api/v2/blocked_ips"

# 4) Unblock by id
curl -sS -X DELETE -H "Authorization: Bearer $TOKEN" \
"https://example.com/billing/api/v2/blocked_ips/42"
</pre>

 
= See also =

* [[MOR - Blocked IPs]] — GUI, iptables timing, search wildcards
* [[MOR API v2]] — general v2 auth and ACL
* [[Whitelisted IPs]] — client IP restriction when enabled

MOR API v2

2026-06-02T18:14:08Z

Admin:

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=Usage=

Open the GUI using the MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) into the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token into the '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.
 

==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.
 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API v2 blocked_ips|blocked_ips]] - Manage [[MOR - Blocked IPs]].
* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 
== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

Wholesale Tariff

2026-06-02T16:39:48Z

Admin: /* Make Wholesale Tariff */

=What is a Wholesale Tariff?=

This tariff is a price list which you get from your provider, later you can transform this tariff into retail or user wholesale tariffs. Without a transformation this tariff cannot be assigned to user.
 
= Min Time =

Min(imal) Time is the minimum time that will be billed if a call is answered.

For example:

* Min Time = 10s
* If the actual length of a call is <= 10s, billsec = 10.
* If the actual length of a call is > 10s, then billsec = actual call length.

{| border="1" cellpadding="5" cellspacing="0"
| '''Actual call length''' || '''Call time which will be billed'''
|-
| 1 || 10
|-
| 2 || 10
|-
| ... || 10
|-
| 9 || 10
|-
| 10 || 10
|-
| 11 || 11
|-
| 12 || 12
|-
| ... || ...
|-
|}

 
= Increment =

An Increment is the amount of time in which a call is billed. It is counted in seconds.

For example, assume that:

* A particular call lasts for 15 seconds.
* The rate for 1 min is (for the sake of simplicity) 1 EUR/min.

Then:

* If the increment is 1, then the call length will be counted as 15s and the call price will be 0.25 EUR (1/60*15). As the increment is 1, the call can be 1, 2, 3... in length. 15s is the exact length of the call.
* If the increment is 10, then the call length will be counted as 20s and the call price will be 0.333 EUR (1/60*20). As the increment is 10, the call can be 10, 20, 30... in length. 20s is nearest to 15.
* If the increment is 20, then the call length will be counted as 20s and the call price will be 0.333 EUR (1/60*20). As the increment is 20, the call can be 20, 40, 60... in length. 20s is nearest to 15.

 
= Make Wholesale Tariff with CLI Groups/Prefixes=

'''Make Wholesale Tariff''' builds a new wholesale tariff from an existing one: rates are copied and your amount/percent markups are applied. When the source tariff has rates with '''CLI Groups''' (CLI prefixes per destination), those prefixes are carried to the new tariff. For what CLI Groups are and how rating uses them, see [[CLI Groups - CLI Prefixes]].

'''Menu path:''' '''SETTINGS → Billing → [[Tariffs]]''' → select a tariff → '''Make Wholesale Tariff'''.

'''CLI Groups on the form''' 
Before you choose the wholesale tariff type and click '''Make Tariff''', the form shows a '''CLI Groups''' choice:

* '''Copy CLI Groups''' (default) — the new tariff gets its own CLI Group copies. Editing CLI prefixes on the new tariff does not change the source tariff.
* '''Reuse CLI Groups''' — new rates point to the same CLI Group records as the source tariff. Changing prefixes on one tariff can affect the other.

Use '''Copy''' when you mark up a supplier tariff for resale and need isolated prefix lists. Use '''Reuse''' only when you intentionally want shared CLI Groups between the source and the new tariff.

If the source tariff has no CLI Groups on its rates, this section has no effect — the new tariff is created as before.

 

= See also =
* [[MOR_Manual#Tariffs | Tariffs]]

MOR API v2

2026-06-02T16:34:11Z

Admin:

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=Usage=

Open the GUI using the MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) into the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token into the '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.
 

==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.
 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 
== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR API

2026-06-02T16:33:40Z

Admin:

[[File:warning.png|100px|alt="warning"|link=]]<big><big><big>IMPORTANT!!! API methods described here are for newest MOR version. For previous versions please check appropriate [http://wiki.kolmisoft.com/index.php/MOR_Manual#Old_Manuals manual].</big></big></big>
[[File:api.png|right|alt="api"|link=]]
<mkmeta>Application Program Interface for MOR Class 5 Softswitch</mkmeta>

 
=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.

MOR accepts requests by HTML POST and returns results in XML.

 
=MOR users that are allowed to use MOR API=
* Admin
* Reseller
* Accountant - only by using Admin Hash and Secret key
* Simple User

 
= Client IP restriction (optional) =

Administrators can limit API use by client IPv4 address: enable '''Restrict API access by IP''' under [[Configuration from GUI]] (together with '''Allow API globally'''), then mark which addresses may call the API on [[Whitelisted IPs]] ('''Allow API access''' per row). When the restriction is off, API behavior is unchanged. Details: configuration in [[Configuration from GUI]]; per-IP flags on [[Whitelisted IPs]].

 
=[[MOR API Permission Groups]]=
Fine-grained allow lists for hash-protected [[MOR API]] methods. Assign a group to integration users so they can call only the API actions you permit.

 

=Functions=

== API Related ==
* [[API Configuration]] – configuration options for API.
* [[MOR API hash construction|Hash construction]] – how to construct hash to authenticate data over API.

 

==Aggregate==
* [[MOR API aggregate get | aggregate_get]] - for getting MOR aggregate statistics.

 

==Autodialer==
* [[MOR API autodialer upload numbers | autodialer_upload_numbers]] - upload numbers from CSV file to existing Autodialer Campaign.
* [[MOR API autodialer get campaign statistics | autodialer_get_campaign_statistics]] - gets Autodialer campaign statistics for selected period.
* [[MOR API autodialer redial all failed calls | autodialer_redial_all_failed_calls]] - initiate Redial all failed calls action for specific campaign.
* [[MOR API autodialer get campaign ivr poll results | autodialer_get_campaign_ivr_poll_results]] - gets Autodialer camoaign ivr poll results.
* [[MOR API autodialer change campaign status | autodialer_change_campaign_status]] - changes Autodialer campaign status.

 

==Balance==
* [[MOR API user balance update | user_balance_update]] (change_user_balance) – changes User's Balance
Various methods to retrieve User balance
* [[MOR API user_balance_get|user_balance_get]] (balance) – retrieves a User Balance.
* [[Balance in phone | user_simple_balance_get]] (simple_balance) – gets User's Balance
* [[MOR API user balance get by psw | user_balance_get_by_psw]] – gets User's Balance by his owned Device's Password
* [[MOR API User Balance get by Username | user_balance_get_by_username]] – gets User's Balance by his owned Device's Username

 

==Callback==
NOTE: A Callback addon is needed. Does not work on a limited version.
* [[MOR API callback init|callback_init]] (callback) – initiates callback.

 

==Calling Cards==
* [[MOR API card_by_cli_update| card_by_cli_update]] (cc_by_cli) – creates and updates calling cards, including adding and transferring funds, by being identified according the Caller_ID.
* [[MOR API card_from_group_sell| card_from_group_sell]] (buy_card_from_callingroup) – sells cards from calling card group.
* [[MOR API card_group_get| card_group_get]] (show_calling_card_group) – show calling group info.
* [[MOR API card_balance_get| card_balance_get]] (card_balance_get) – show card's balance.
* [[MOR API card_payment_add| card_payment_add]] – add payment to the calling card.
* [[MOR_API_Calling_Cards_create| calling_cards_create]] – create Calling Cards.
* [[MOR_API_Calling_Card_update| calling_card_update]] – update Calling Card.
* [[MOR_API_Calling_Cards_get| calling_cards_get]] - get Calling Cards.
* [[MOR_API_Card_Group_create| cc_group_create]] – create Card Group.
* [[MOR_API_Card_Group_update| cc_group_update]] – update Card Group.
* [[MOR API Card Groups get| cc_groups_get]] – show Calling Cards Group info.
 

==Calls==
* [[MOR API user calls get|user_calls_get]] (user_calls) – retrieves a list of calls in a selected time period for a user/device.
* [[MOR API local calls get|local_calls_get]] - retrieves a list of local calls in a selected time period for a user.
* [[MOR_API_active_calls_get|active_calls_get]] - Retrieves list of active calls for specified User.
 

==Conflines==
* [[MOR API conflines update|conflines_update]] – changes settings for API, Default User or Default Device.

 
==Credit notes==
* [[MOR API credit_notes_get| credit_notes_get]] (credit_notes) – credit notes list.
* [[MOR API credit_note_update| credit_note_update]] – credit note update.
* [[MOR API credit_notes_create| credit_note_create]] – credit note create.
* [[MOR API credit_notes_delete| credit_note_delete]] – credit note delete.

 
==Currencies==
* [[MOR_API_Exchange_rate_update|exchange_rate_update]] - Currency Exchange rate update.

 
==Device==

* [[MOR API device create| device_create]] – create device
* [[MOR_API_device_update | device_update]] – update device settings.
* [[MOR API device delete| device_delete]] (delete_device) – delete device
* [[MOR API devices get | devices_get]] (device_list) – users device list
* [[MOR API device details get | device_details_get]] – shows all information about specified device.
 
* [[MOR API device callflow get| device_callflow_get]] - returns information about specified device callflow state.
* [[MOR API device callflow update | device_callflow_update]] – updates information of specified device callflow state.
 
* [[MOR API CLI info get | cli_info_get]] (cli_get_info) – shows id of device where CLI belongs.
* [[MOR API CLI delete | cli_delete]] – deletes specified CLI.
* [[MOR API CLI add | cli_add]] – creates CLI and assigns it to the specified device.
* [[MOR API device clis get | device_clis_get]] – CLIs list by User and/or Device
 
* [[MOR API device rules get | device_rules_get]] – show Device Rules.
* [[MOR API device rule delete | device_rule_delete]] – delete Device Rule.
* [[MOR API device rule create | device_rule_create]] – create Device Rule.
 

==DID==

* [[MOR API dids get| dids_get]] – get list of particular DIDs
* [[MOR API did_create| did_create]] – DID create
* [[MOR_API_did_device_assign| did_device_assign]] (did_assign_device) – Assign Device to DID
* [[MOR_API_did_trunk_device_assign| did_trunk_device_assign]] (did_trunk_device_assign) – Assign Trunk Device to DID
* [[MOR_API_did_device_unassign| did_device_unassign]] (did_unassign_device) – Unassign Device from DID
* [[MOR_API_did_details_update| did_details_update]] (did_details_update) – Update DID details
* [[MOR API did subscription stop|did_subscription_stop]] – STOP DID subscription
* [[MOR API did terminate|did_terminate]] – DID terminate
* [[MOR API did make free|did_make_free]] – DID make free
* [[MOR API did rates update|did_rates_update]] – Update DID rates
* [[MOR API did rates get|did_rates_get]] – Get DID rates
* [[MOR API did close|did_close]] – close the DID
* [[MOR API did delete|did_delete]] – delete the DID
* [[MOR API did rates details get|did_rates_details_get]] – Get DID rates details
* [[MOR API did rates details update|did_rates_details_update]] – Update DID rates details

 

==Email==
* [[MOR API email send| email_send]] (send_email) – send Email.

 
==Financial statements==
* [[MOR API financial_statements_get| financial_statements_get]] (financial_statements) – financial statements list.
 

==Invoices==
* [[MOR API invoices_get|invoices_get]] (invoices) – retrieves a list of invoices in a selected time period.
* [[MOR_API_invoice_update|invoice_update]] - update Invoice

 
==IVR==
* [[MOR_API_ivr_dial_plan_update|ivr_dial_plan_update]] (invoices) – Updates IVR dial plan.
* [[MOR_API_ivr_time_period_update|ivr_time_period_update]] (invoices) – Updates IVR time period.

 
==LCR==
* [[MOR API lcrs_get|lcrs_get]] - retrieves list of LCRs.
* [[MOR API lcr_create|lcr_create]] - creates LCR
* [[MOR API lcr_update|lcr_update]] - updates LCR
* [[MOR API lcr_delete|lcr_delete]] - updates LCR
* [[MOR API lcr_add_provider|lcr_add_provider]] - adds provider to LCR
* [[MOR API lcr_delete_provider|lcr_delete_provider]] - deletes provider from LCR

 

==Location Rules==
* [[MOR API location_rule_create|location_rule_create]] – creates location rule.
* [[MOR API location_rule_update|location_rule_update]] – updates location rule.
* [[MOR API location_rules_get|location_rules_get]] – retrieves location rules.
* [[MOR API location_rule_get|location_rule_get]] – retrieves location rule information.
* [[MOR API location_rule_copy|location_rule_copy]] – copies rule from one location to other one.
* [[MOR API location_rule_delete|location_rule_delete]] – delete location rule.

 

==Login==
* [[MOR API user_login|user_login]] (login) – logs user in to MOR.
* [[MOR API user_logout|user_logout]] (logout) – logs user out from MOR.

 
==Monitorings==
* [[MOR API ma_activate_api| ma_activate]] – turn on monitorings addon

 
==Number Pools==
* [[MOR API number_pools_get| number_pools_get]] – get Number Pools list
* [[MOR API number_pool_create| number_pool_create]] – create Number Pools
* [[MOR API number pool update| number_pool_update]] – update Number Pool
* [[MOR API number pool delete| number_pool_delete]] – delete Number Pool
* [[MOR API number pool numbers create| number_pool_numbers_create]] – create numbers for Number Pool
* [[MOR API number pool numbers delete| number_pool_numbers_delete]] – delete numbers from Number Pool
 

==Payments==
* [[MOR API payment_create| payment_create]] (create_payment) – create payment.
* [[MOR API payments_get| payments_get]] (payments_list) – payments list.

 
==PBX Pool==
* [[MOR API pbx_pool_create| pbx_pool_create]] – PBX Pool create.

 
==Phonebooks==
* [[MOR API phonebooks_get| phonebooks_get]] (phonebooks_api ) – phonebooks list.
* [[MOR API phonebook_edit| phonebook_edit]] (phonebook_edit_api) – edit phonebook.
* [[MOR API phonebook_record_create| phonebook_record_create]] – create phonebook.
* [[MOR API phonebook record delete | phonebook record delete]]

 

==Providers==
* [[MOR API providers get| providers_get]] – getting list of providers.
* [[MOR API provider create| provider_create]] – create provider.
* [[MOR API provider update| provider_update]] – update provider.
* [[MOR API provider delete| provider_delete]] – delete provider.
 
=== Provider Rules===
* [[MOR_API_provider_rules_get| provider_rules_get]] - shows provider rules
* [[MOR_API_provider_rule_delete| provider_rules_delete]] - deletes provider rules
* [[MOR_API_provider_rule_create| provider_rules_create]] - creates provider rules

 

==Queue==
* [[MOR API queue log get| queue_log_get]] – getting MOR queue log.

 
==Quickforwards==
* [[MOR API Quickforwards get| quickforwards_dids_get]] (quickforwards_dids_get) – get Quickforwards.
* [[MOR API Quickforwards update| quickforwards_did_update]] (quickforwards_did_update) – update Quickforwards.
* [[MOR API Quickforwards delete| quickforwards_did_delete]] (quickforwards_did_delete) – delete Quickforwards.

 
==Tariffs/Rates==
* [[MOR API rate get|rate_get]] (rate) – check user rate by prefix
* [[MOR API tariff rates get| tariff_rates_get]] (get_tariff) – get all tariff's rates
* [[MOR API tariff_retail_import | tariff_retail_import ]] (import_retail_tariff) – import xml retail tariff
* [[MOR API tariff_wholesale_update | tariff_wholesale_update ]] (wholesale_tariff) – update or create wholesale tariff
* [[MOR API tariffs_get|tariffs_get]] - retrieve list of tariffs

 

==Recordings==
* [[MOR API recordings get| recordings_get]] – get MOR recordings.
* [[MOR API recording update| recording_update]] - update comment for a specific recording.
* [[MOR API recordings delete | recordings_delete]] - delete recordings based on search parameters.

 
== Resellers ==
* [[MOR API reseller group create|reseller_group_create]] - create new Reseller Group
* [[MOR API reseller_groups_get|reseller_groups_get]] - retrieve Reseller Groups

 
==Services==
* [[MOR API Service create| service_create]] – create Service.
* [[MOR API Service delete| service_delete]] – delete Service.
* [[MOR API Services get| services_get]] – get Services.
* [[MOR API Service update| service_update]] – update Service.

 

==Spy==
* [[MOR API spy_call | spy_call]] – Initiates a spy call.

 

==Statistics==
* [[MOR API quickstats_get | quickstats_get]] – gets today's [[Quick Stats]] and [[Active Calls]] count

 

 
==Subscriptions==
* [[MOR API subscription delete|subscription_delete]] - Subscription delete.
* [[MOR API Subscriptions get|subscriptions_get]] - Subscriptions get.
* [[MOR API subscription create|subscription_create]] - Subscription create.
* [[MOR API subscription create bulk|subscription_create_bulk]] - Bulk Subscription create.
* [[MOR API subscription update|subscription_update]] - Subscription update.
* [[MOR API Subscription Flat Rate Number Status Get| subscription_flat_rate_number_status_get]] - check prefix covering flat-rate subscriptions
 

==User==

* [[MOR API user_register| user_register]] – create new user from params.
* [[MOR API user_details_get | user_details_get]] (user_details) – gets user details.
* [[MOR API user_details_raw_get | user_details_raw_get]] (user_raw_details) – gets user raw details from database.
* [[MOR_API_user_details_update| user_details_update]] (user_update_api) – update user from params.
* [[MOR API users_get| users_get]] - get user list
* [[MOR API user_delete| user_delete]] - deletes user
 

==Version==
* [[MOR API system version get| system_version_get]] (get_version) – get MOR version number.

 

==Vouchers==
* [[MOR API voucher use| voucher_use]] – use selected voucher.

 
= Examples =
* [[MOR API PHP Examples]]

 
=HTML POST=
All requests are in a similar format:

HTML POST: http://<SERVER_IP>/billing/api/<function>?u=username

* username - the user name and password of the user who is asking for the data.

If the user has 'admin' rights, he will get more results and can perform more actions compared to a user who does not have such rights.
 
=Useful to know=

* All API methods return data straight from the database. It means that MOR GUI settings do not affect data, it will be returned as it is saved in the database. For example:
** Value of money will be returned in Default System [[Currencies|Currency]].
** Date will not be affected by [[Configuration_from_GUI#Visual| Default date format]] setting.
** Value of money will not be affected by [[Configuration_from_GUI#Visual|Number digits]] setting.

 
=See also =
* [[API Configuration]]
* [[MOR integration]]
* [[How to block access to some API functions]]
* [[MOR API v2]]

Configuration from GUI

2026-06-02T16:30:04Z

Admin: /* API */

=Where I can find this settings menu?=

You can find this menu in '''SETTINGS –> Setup –> Settings'''

[[File:Settings_path.png]]
 
== Global ==

'''SETTINGS –> Setup –> Settings –> [[Global_Settings | Global]]'''

* '''Company''' – name of the company.
* '''Company email''' – email address of the company.
* '''Version''' – version number.
* '''Copyright Title''' – copyright title supports html text format.
* '''Browser Title''' – browser title for MOR GUI.
* '''Front Page Text''' – some text to place on front page.
* '''Login Page Text''' – some text to place on login page
* '''Show logo on first page''' - untick to hide logo on the start page
 

== Users ==

* '''Show Calls statistics to User for last''' – number of Calls statistics to show in days. For example, if you enter 5 days, users will only see 5 days old calls, they will not be able to check older calls.
* '''Show user_billsec for Users instead of billsec''' – shows user_billsec instead of billsec in Users invoices and last calls. Notice that Billsec shows real Call duration, user_billsec shows Call duration after minimal time or increment applied. For example, if user tariff has 60 sec minimal time and user made a Call for 20 sec, then billsec will show 20 sec and user_billsec will show 60 sec (minimal time is applied).
* '''Hide device passwords for users''' – do not display device passwords for users.
* ''' Hide Device username for Users''' – do not display device username for users.
* '''Hide payment options for postpaid users''' - will hide the payment option for all postpaid users (including Resellers if they are postpaid).
* '''Hide non-completed payments for user''' – hides non-completed payments (the ones which are started in MOR, but are not completed in a payment gateway website).
* '''Hide Recordings for all users''' – hides recordings for all system users from menu and device settings.
* '''Allow User to assign DID to Device''' – lets User to assign DID to Device.
* '''Allow User to assign DID to Trunk''' – lets User to Assign DID to Trunk.
* '''Do not allow users to change their email addresses'''
* '''Do not allow users to change their Personal Details'''
* '''Change ANSWER to FAILED if HGC not equal to 16 for Users''' – changes the Hangupcause for users in call reports from Answered to Failed if Hangupcause is not 16.
* '''Do not allow PREPAID User balance drop below zero (block them instead)'''
* '''Do not block POSTPAID User when balance goes bellow zero on subscription count'''
* '''Allow identical email addresses to different Users''' – allows creating Users or registering users with identical email addresses. After checking this setting you will be not able to check.

 

== Devices ==

* '''Device PIN length''' – length for automatically generated PIN codes for devices.
* '''Device range MIN''' – from which extension automatic extension assigning starts.
* '''Device range MAX''' – till which extension automatic extension assigning goes.
** For example, from this interval: [Device range MIN, Device range MAX] MOR will select extensions for newly created Devices.
* '''Random Device Extension''' – when creating device, random number from '''Device Range''' will be taken.
* '''Enable "Allowed addresses" option for Devices:''' – allows [[Device_settings#Allowed_Addresses | Allowed Addresses]] functionality in Devices settings.
* '''Do not allow duplicate device user names'''
* '''Inform when Devices are created or updated''' – check to get an email about every newly created or updated Device.
* '''Allow same IP and Port combinations in multiple Devices''' – allows creating Devices with the same IP and Port combination.
* '''Show Hostname/IP in Device list'''
* '''Change dahdi''' – Sometimes this is used to change "Zap" to something else in GUI, e.g. to "PSTN", mainly because not everybody knows what Zap stands for. PSTN is more common.

 

== Registration ==

'''SETTINGS –> Setup –> Settings –> Registration'''

* '''Enabled?''' – do we want to let users [[Online registration | register online]] automatically?
* '''Hide registration link in Login page?''' – tick this option if you do not want users to be able to register online.
* '''Default country'''
* '''Asterisk server IP''' – what IP should user connect his softphone/server to?
* '''Send Email to User after registration''' – just yes or no.
* '''Send Email to Admin after registration''' – just yes or no.
* '''Send Email To User after User was created''' – just yes or no.
* '''Send Email To Admin after User was created''' – just yes or no.
* '''[[ReCAPTCHA]] configuration'''
* '''[[User_Agreement|Terms and conditions]]'''
* '''Allow to create user and device with matching username and password''' – just yes or no. If this setting is not enabled - username and password from MOR GUI will have to be different than device's username and password.
* '''Enable VAT checking for EU companies''' – you can choose whether to check '''TAX Registration Number:''' during the [[Online registration]] or not. Done over [http://ec.europa.eu/taxation_customs/vies/?locale=lt EU page].
* '''Allow blank VAT for EU companies''' – allows to leave blank '''TAX Registration Number:''' field during the [[Online registration]]
 
===See also===

* [[Default user]]
 

== Invoices ==

'''SETTINGS –> Setup –> Settings –> Invoices'''

Invoice configuration is divided into '''Prepaid''' and '''Postpaid'''.
 
=== Settings ===

* '''Number start''' – how the invoice number should start.
* '''Number length''' – the length in digits AFTER Number Start – e.g. Number Start is not counted into this length. This value is active only for first number type.
* '''Number type''' – select more appropriate number format.
* '''Invoice period start''' – when invoices are issued, default is first day of the month.
* '''Show calls in detailed invoice''' – yes or no.
* '''[[Outstanding balance(Debt) | Show balance line]]''' – shows balance line in Invoice PDF files when Invoice is generated from first day of month till last one.
* '''Round finals to 2 decimals''' – round or not total in Invoices to 2 decimals.
* '''Use short file name'''
* '''Group Subscriptions''' - User's subscriptions will be grouped by service (only applies to PDF and XLSX invoice).
* '''Show Quantity''' - Show quantity of each service (only applies to PDF invoice).
* '''Invoice Page Limit:''' – invoice will be generated till this page limit. Additional page is added with an explanation that page limit was reached.
* ''' Rename 'DID owner cost' label in detailed PDF invoice:''' – text which will be used instead of '''DID owner cost''' in detailed PDF invoice.
* ''' Hide 'DID owner cost' line in detailed PDF invoice:''' – checkbox, which control whether or not DID owner cost should be shown in detailed PDF invoice.
* ''' Show Destination with Prefix in Detailed Invoice:''' - checkbox, if enabled, destination will be shown as '''Destination Name (prefix)'''.
* ''' Rename red 'INVOICE' label in Simplified PDF Invoice:'''
* ''' Rename red 'INVOICE' label in Detailed PDF Invoice:'''
* ''' Rename red 'INVOICE' label in PDF Invoice by CallerID:'''
* ''' Use rounded Invoice Details Prices to calculate Totals''' - use rounded sub-totals to calculate Invoice Total price.
 

=== Details ===

* '''Address format''' – changes field positioning in the invoice for the address. You must select it in order to show address in the invoice.
* '''Address line 1-4''' – address info.
* '''Bank details line 1-5''' – bank details info.
* '''Invoice balance line''' – line for balance (e.g. "Your current balance is")
* '''Invoice to pay Line'''
* '''End title''' – a title for the end of your invoice.

* '''Add Average rate in detailed invoice''' – adds average rate in detailed invoice.
* '''Show Time in Minute''' – shows time in mm:ss instead of hh:mm:ss, for example, not 02:13:42 but 133:42.
 

=== Additional ===

* '''Show additional details on separate page''' – enables additional custom page at the end of the invoice.
* '''Additional details''' – the information to be displayed in a custom page at the end of the invoice.
 
=== Functionality ===

* '''Invoice allow recalculate after send''' – allows recalculating invoices after being sent. This setting also allows to delete sent invoices.
* '''Do not generate Invoices for blocked Users''' - if enabled Invoices will not be generated for blocked Users.
* '''Rename "Calls" label''' - changes 'Calls' name for Simplified Invoices and new Invoice XLSX. If you want to apply new 'Calls' name for old XLSX, you should go to Settings > Invoices > XLSX and mark 'New XLSX template apply for old Invoices'
* '''Start value for Invoice numbers''' - defines number from which Invoices numeration should start.
* '''Duration Format:''' - time format in invoice. This setting applies for XLSX type invoices (and PDF invoices generated from XLSX invoice) and Invoice Details page. Available options - 'H:M:S', 'H:M', 'M'. When option 'M' is used, sub option Decimal places appear, where you can select precision.
* '''Invoice Group By: Prefix / Destination'''
* '''Show Rates:No / Yes'''
* '''Show Calls in CID Invoice (CSV)''' - if enabled, then CSV Invoice by CallerID will show a list of calls.
* '''Show Subscriptions total Selfcost in Invoices List CSV''' - enables additional columns at the Invoice List, when using Export to CSV: Agreement Number, Issue date, Subscriptions total Selfcost. Columns are enabled for Admin and Resellers.

 

=== XLSX ===
* '''XLSX Template''' - choose XLSX Template for Invoices.
* '''Send XLSX Invoices converted to PDF''' – If enabled XLSX invoices will be converted to PDF before sending over [[Invoices#Send_invoices_by_email_.28manual.29|Email]] or [[Cron_actions#Generate_Invoices_and_send_by_Email|using cron action]]
* '''Group regular Calls by Destination''' - Groups regular Calls be destination
 

===See also===

* [[Invoices]]
* [[Invoice configuration]]
 

== Emails ==

'''SETTINGS –> Setup –> Settings –> Emails'''

* ''' Sending globally enabled''' – if this is checked, you will be able to use Mass Mailing and the system will send emails upon user registration.
* ''' Add recipient first name and last name''' – if this is checked, it will show the user's first name and last name if they are entered in the User Settings.
* '''SMTP server''' – hostname of the server.
* '''Port''' – port of SMTP server.
* '''Login''' – username to your SMTP server.
* '''Password''' – password to your SMTP server.
* '''Batch size''' – value for Mass Mailing, or how many emails to send at once.
* '''From''' – email address to put into From: field in email. Acceptable formats are: '''example@email.com''' or '''John Smith <example@email.com>'''.
* '''Test email sending''' – save settings and press this to test email sending. Do not forget to save settings first!
* '''TLS''' – '''Auto''', '''Yes''' or '''No'''. Default '''Auto'''.

'''P.S. Remember to set admin's e-mail in admin's personal settings. Without this test email sending will not work!'''

 
===See also===

* [[Emails|Mass Emails]]
* [[Email variables]]
 

== Various ==

'''SETTINGS –> Setup –> Settings –> Various'''

* '''Allow login by email''' - allow users to log in by email instead of a username.
* '''Logout link''' – a user will be redirected to this link after pressing "Logout"
* '''Agreement number length''' – number length in digits.
* '''Google Maps API key''' - the setting is necessary for using the Google Maps functionality. For more on how to configure this key please check [[Get Google Maps key]].
* '''Chanspy is disabled globally'''
*'''Send Recordings space warning Email''' - sends Email to Admin once a day if recordings exceed space limit.
*'''Delete Tariff Jobs older than''' - deletes tariff jobs older than set days.
*'''Delete Automatic Tariff Import Inbox Messages older than''' - deletes automatic tariff import inbox messages older than set days.
* '''Server free space limit''' – indicator when system should inform admin about low [[Multi_Server_support|Server]] space. By default 20%. Notice will appear in [[Integrity Check]] and every hour will send an email "Low Disk Space Alert". Which template can be found and edited on [[Emails]] page. Information about the Server and the remaining free space will be provided.
* '''Days for DID to close''' – how long to keep DID closed before making it free.
* '''DID for Unassigned DID''' - this feature is used for calls coming from providers to system DIDs. Allows redirecting call to specific DID if client dials nonexistent DID. If empty, then this feature is disabled and a call will be terminated with [http://wiki.kolmisoft.com/index.php/207_Not_clear_who_should_receive_call 207 Not clear who should receive call] hangup code.
* '''Play IVR for unauthenticated call'''
* '''Banned CLIs default IVR''' – default IVR to route banned numbers.
* '''Default Music On Hold''' - allows to select Default Music On Hold.
* '''Use Extension in CallerID for Local Calls''' - overwrites original CallerID with Device Extension when making local calls. Outside calls are not affected by this setting.
* '''Call Forwarding CallerID (via call)''' - allows to manage CallerID when [http://wiki.kolmisoft.com/index.php/Call_Flow#Change_Forward_action_by_Call forwarding is set by call].
* '''Force Users to use forwarding CallerID (via GUI)''' – possible options: '''Empty''' (the user will have all options available), '''From Device, Same as comes, Sames as comes - with Diversion'''.
** When forwarding with Diversion, Diversion header can be customized by changing the value in the input field. For example value '''${MOR_SIP_TO};reason=unconditional''' will result in Diversion header with an additional parameter ''';reason=unconditional''' (here '''${MOR_SIP_TO}''' will be expanded to initial SIP To URI <nowiki><sip:xxxxxx></nowiki>). If no value is set, then the default value '''${MOR_SIP_TO}''' (initial SIP To URI) will be used. Other Asterisk/MOR core variables can be used here as well..
* '''Enable "Allowed addresses" option for Providers:''' – allows Allowed Addresses functionality in Providers settings.
*'''Allow forward from Resellers''' - enables advanced device option: Allow forward from Resellers. More information about option in [https://wiki.kolmisoft.com/index.php/Device_settings#Advanced device settings].

== Tax ==

'''SETTINGS –> Setup –> Settings –> Tax'''

Settings are explained here: [[Multi-Tax system]]
 
== Backups ==

'''SETTINGS –> Setup –> Settings –> Backups'''

Configuration is explained here: [[Backup system]]
 
== API ==

'''SETTINGS –> Setup –> Settings –> API'''

* '''Allow API''' – enable/disable API.
* '''Allow GET API''' – enable/disable GET in API - use only for testing!
* '''API Secret Key''' – secret key for API. This will be used as a password for signing queries to the MOR API. Check [[MOR_API | MOR API documentation]] for more information
* '''XML API Extension''' – .NET does not follow standards (surprise!); enable this setting if you are using it to get XML starting with HTTP tags.
* '''Allow API Login Redirect''' – enable/disable
* '''API allow registration''' – enable/disable registration through API
* '''API allow Payments''' – enable/disable payments through API
* '''API Payment confirmation''' – enable/disable payments confirmation through API
* '''[[Balance_in_phone|Allow devices to check balance over HTTP]]''' – enable/disable device balance checking
* '''[[MOR_API_rate_get|Allow devices to check rate over HTTP]]''' – enable/disable device rate checking
* '''Disable hash checking''' – lets you skip hash parameter using API
* '''Uniquehash''' – shows your uniquehash
* '''Send Email To Admin after API/Manual Payment''' - sends an email to Admin after API/Manual payment. Email Template name: manual_payment_email
* '''Send Email to User after API/Manual Payment''' - sends an email to the user after API/Manual payment. Email Template name: manual_payment_email_for_user
* '''Send Email To Admin after API/Balance Update''' - sends an email to Admin after API/Balance Update. Email Template name: balance_update_email
 
'''Restrict API access by IP''' 
When this option is enabled together with '''Allow API globally''', the system accepts [[MOR API]] and [[MOR API v2]] requests only from IPv4 client addresses that have '''Allow API access''' enabled on [[Whitelisted IPs]] (GUI whitelist or IP authenticated Device or Provider table). Default is '''off''', which keeps the previous behavior (any client IP is allowed, subject to normal API settings and permissions).

If you enable restriction while '''no''' Whitelisted IP has '''Allow API access''' checked, the API tab shows a warning that API calls may be denied until you configure at least one allowed IP on [[Whitelisted IPs]].

Turning '''Allow API globally''' off also clears '''Restrict API access by IP''' when settings are saved.

 
===See also===

* [[Whitelisted IPs]] — '''Allow API access''' per IP (both tables on that page)
* [[MOR API]] — legacy XML API
* [[MOR API v2]] — REST API
* [[Action log]] — optional logging of denied API attempts by IP

 

== Functionality ==

'''SETTINGS –> Setup –> Settings –> Functionality'''
 
===FAX===

* '''Fax device enabled''' – enable/disable Fax device in MOR. When admin enables FAX, Functionality tab appears in Reseller's GUI configuration. He can then enable or disabled fax for his own users himself.
* '''Fax2Email From Sender''' – there is a field "From:" in an email form. When MOR sends Fax to Email, "Fax2Email From Sender" value is displayed in "From:" field.
* '''Allow Users to change FAX email''' - allow simple Users to add/remove/edit FAX emails in FAX Devices.
* '''Fax2Email Email Template''' - [[Emails|email template]] to be used for Fax2Email emails. "None" means the default Asterisk template.
 

===CSV===

* '''CSV Column Separator''' – how columns are separated in imported/exported CSV files.
* '''CSV Decimal Separator''' – how decimal parts in numbers are separated in imported/exported CSV files.
* ''' Archive CSV file when size reaches''' – if CSV file reaches a certain size, the system will archive it to save time to download it (0 means to archive always)
 
===Active Calls===

* '''How many maximum [[Active_Calls|Active Calls]] to show in GUI''' – how many [[Active_Calls| Active Calls]] to show in GUI
* '''[[Active_Calls| Active Calls]] refresh interval''' – [[Active_Calls|Active Calls]] refresh interval in seconds
* '''Show [[Active_Calls|Active Calls]] for Users''' – tick if you want to allow users to see [[Active_Calls|Active Calls]]
* '''Show Servers in [[Active_Calls|Active Calls]]'''
* '''Show DIDs in [[Active_Calls|Active Calls]]'''
* '''Show localized Source in [[Active_Calls|Active Calls]]''' - if set, [[Active_Calls|Active Calls]] will show callerid number after localisations (if any) have been applied.
* '''Show Originators' Device IP in [[Active_Calls|Active Calls]]'''
 

===Last Calls===

* '''Limit PDF size in Last Calls to''' - limits how many pages can be exported from Last Calls to PDF. It takes a lot of system resources to generate PDF files therefore this limit should be low enough to prevent high load on system.
* '''Show Device and its CallerID in Last Calls''' – shows additional column in [[Last Calls]] page with Device and its CallerID information. Click to reach that Device settings page.
* '''Show DID User instead of DID Device User in Last Calls''' - if enabled, shows DID User in Last Calls User/Name column instead of DID Device User. This option is relevant when incoming Provider calls DID that belongs to User A and is assigned to User's B Trunk. If option is enabled, User A will be shown. If option is disabled, User B will be shown.
* '''Show Terminated by in Last Calls''' - show Terminated By column in [[Last Calls]], calls CSV/PDF export, and adds the possibility to select this column in [[CDR Export Templates]].
* '''Show Usernames on PDF/CSV Export Files in Last Calls''' – if checked, when a particular User in the Last Calls page search is selected, the Last Calls PDF/CSV file name will be composed also of the Name of selected User. If you are looking for All Users, no User Name will be used. (Name of the User will be shown in Name of the CSV/PDF file).
 

===Tariffs/Rates===

* '''Show rates for users''' – allows users to see rates
* '''Show rates without Tax''' – shows rates without TAX
* '''Show [[Advanced_Rates|Advanced Rates]] for users''' – allows users to see [[Advanced_Rates|Advanced Rates]]
* '''Show zero rates in LCR tariff export:''' – shows zero rates in LCR tariff exported file.
* '''Delete outdated Rates after''' - Delete outdated Rates after some dates.
* '''Show Ghost percent column in Tariffs:''' – if enabled, the Ghost percent column will be shown in the tariff. Default disabled.
NOTE: if [[Custom Rates]] and/or Tariff Rates are set for the user, only the custom rates will be shown in the details of destination rates.
 

===Statement of Account===
* ''' PDF Settings ''' - allows to put Address lines of PDF file for Statement of Account.
*Address line 1: Street Address
*Address line 2: City, Country
*Address line 3: Phone, fax
*Address line 4: Web, email
*Bank details line 1
*Bank details line 2
*Bank details line 3
*Bank details line 4
*Bank details line 5
*Bank details line 6
*Bank details line 7
*Bank details line 8
 

==Privacy==

'''SETTINGS –> Setup –> Settings –> Privacy'''

* '''[[Privacy_to_hide_Destination_ends|Privacy to hide Destination ends]]'''
* '''[[GDPR]] Activated''' – hides User data with notification "Data hidden due GDPR. Press to show data (action will be logged)". Valid for Admin, Accountant, Reseller and Partner.

== Visual ==

'''SETTINGS –> Setup –> Settings –> Visual'''

* '''Items per page (Setting high value can cause performance issues)''' – the number of items to display per one page
* '''[[Global_date_format| Default date format]]''' – System default date format
* '''Default Time Format''' – System default time format
* '''Default Hour Format''' - System default hour format
* '''Default Number Decimal''' – with this option you can set default number decimal for all GUI
* '''Number digits''' – how many digits to display after a comma
* '''Hide Quick Stats in Start page''' – hide Quick stats from start page
* '''Hide "Information about this page" link''' – hide HELP banner in GUI
* '''Hide "I want to" help links'''
* '''[[Remove_Manual_link_from_admin_GUI|Hide "Manual" link]]''' – hides "Manual" link
*'''Hide Provider Payments from User Payment List''' - default off.
* '''Show Full Source (CallerID Name and Number)'''
* '''Use <> brackets in CDR export''' - changes brackets in CDR export
* '''Show only main page''' – this is a very advanced feature for those who want to hide default MOR menu tree on the left so that they could build their own menu using advanced techniques without modifying MOR GUI sources.
* '''Show forgot password''', because this functionality requires a unique email in the system. The setting can be unchecked if all emails are unique in the system.
** '''From Device''' - puts CallerID for the Device that is forwarding the call. If Device CallerID is empty, then the originator's CallerID will be used.
** '''Same as comes - unchanged''' - leaves the CallerID as it comes from the originator.
** '''Same as comes - with Diversion''' - leaves the CallerID as it comes from the original caller and additionally adds SIP header Diversion with CallerID from the Device that is forwarding the call (header will not be added if Device does not have CallerID set).
* '''Show forgot password''' – turns on '''[[MOR_forgot_user_password | Forgot password]]''' functionality.
* '''Show detailed Quick Stats''' - shows modified quick stats of first page.
* '''Show Replication Broken warning only for Admin''' - if enabled, shows Replication Broken warning message only for Admin account.
* '''Change LCR priority by using drag and drop'''
* '''New Menu Active''' - if enabled, changes main menu to the new structure.
* '''Dropdown field in User's subscriptions''' - enables old style Service selection in Subscription form.
* '''Show entered Destination only for Users''' - show the Destination numbers for Users that were entered by them and not Destination numbers after Localization.
* '''Show Company Name column in Users page''' - show "Company Name" column in Users list page.
 

== Server load ==

'''SETTINGS –> Setup –> Settings –> Server load'''
 
Settings for GUI Server and Database Server

* '''HDD utilisation higher than''' – Percentage of CPU time during which I/O requests were issued to the device (bandwidth utilization for the device).
* '''CPU General Load higher than''' – CPU General load higher than – Percentage of the CPU for user processes.
* '''CPU Load Stats 1 higher than''' – average load per one minute on the system
* '''CPU MySQL process higher than''' – Percentage of the CPU for MySQL process
* '''CPU Ruby process higher than''' – Percentage of the CPU for Ruby process
* '''CPU Asterisk process (if present) higher than''' – Percentage of the CPU for Asterisk process
* '''Delete Server Load Stats older than''' – deletes internal servers load statistics older than defined number of days.
 

== Calls ==

'''SETTINGS –> Setup –> Settings –> Calls'''
* '''Retrieve PCAP files from the Proxy Server''' – default off. Works only when CCL module is activated.

* '''SQL Max Execution Time''' - max execution time in seconds for SQL query. The default time is 300 seconds (5 minutes). Used in Statistics pages (Calls List export and similar).
 
[[Archived calls]]
 

== FTP ==
Please fill up FTP server details if you want to store Archived calls or/and Backups to FTP server.

* '''IP''' - Enter FTP server IP.
* '''Port''' - Enter FTP server Port.
* '''Username''' - Enter FTP server Username.
* '''Password''' - Enter FTP server Password.
* '''Path for Archived Calls''' - Enter Path for Archived Calls.
* '''Path for Backups''' - Enter path for Backups.
* '''Path for CDR Export''' - Enter path where to export CDRs.
 

== SFTP ==
Please fill up SFTP server details if you want to use SFTP for [[Automatic CDR Export]].

* '''IP''' - IP of the SFTP server.
* '''Port''' - Port of the SFTP server.
* '''Username''' - Username to connect to SFTP server.
* '''Password''' - Password to connect to SFTP server.
* '''Use SSH key''' - Use SSH key configured as described [[Configure SSH connection between servers|here]].
* '''Path for CDR Export''' - Path in SFTP server where to export CDRs.
* '''Skip CA verification''' - skips SFPT servers CA verification. Try to enable it if the test passes, but if the upload fails. Adds the --insecure option as described here https://curl.se/docs/sslcerts.html
* '''Path to CA Certificate''' - optional. Allows specifying a custom CA store. Adds the --cacert [file] option as described here https://curl.se/docs/sslcerts.html
 

== Security ==
* '''Allow short passwords in devices''' - by default, device passwords are expected to be longer than 7 characters. If enabled, MOR will permit shorter device passwords.
* '''Use strong passwords for users'''
* '''Admin login with approved IP only''' - security measure which allows to approve IP's that try to [[MOR_Login_with_approved_IP%27s|login with Admin Account]].
* '''Enable IP report warning on login failure''' - show [[MOR_Login_Failure_Report|warning]] on unsuccessful login attempts.
* '''Logout after password change''' - terminates all sessions of the User whose password is changed.
* '''Logout after closing browser window''' - terminates all sessions of the User after closing browser window.
* '''Do not logout on session IP change''' - do not logout from MOR GUI if IP is changed.
* '''2FA Enabled''' - Enables two factors authentication. Two factors authentication requires to enter emailed code during login to user account. '''2FA Enabled must be also enable on individual [[User_Details|User settings]] to make it work for that User.'''
** '''Email Template''' - [[Emails|email template]] used to send the code.
** '''Code length (digits)''' - code length.
** '''Code Enter Attempts Allowed''' - number of attempts to enter the code correctly. Code expires after this number of failed attempts.
** '''Code Enter Time Allowed''' - code is valid for this amount of time.
** '''Send Notification Email to Admin on Login''' - allows admin to get email notification on login.
*** '''Email Template''' - [[Emails|email template]] used to notify admin.
*** '''On Admin Login''' - get notification on login to Admin's account.
*** '''On User Login''' - get notification on login to User's accounts.
** '''Send Notification Email on Login''' - allows this mailbox to get email notification on login.
*** '''Email Template''' - [[Emails|email template]] used to notify.
*** '''On Admin Login''' - get notification on login to Admin's account.
*** '''On User Login''' - get notification on login to User's accounts.
 

=See also=

* [[Server is overloaded]]

Configuration from GUI

2026-06-02T16:29:43Z

Admin: /* API */

=Where I can find this settings menu?=

You can find this menu in '''SETTINGS –> Setup –> Settings'''

[[File:Settings_path.png]]
 
== Global ==

'''SETTINGS –> Setup –> Settings –> [[Global_Settings | Global]]'''

* '''Company''' – name of the company.
* '''Company email''' – email address of the company.
* '''Version''' – version number.
* '''Copyright Title''' – copyright title supports html text format.
* '''Browser Title''' – browser title for MOR GUI.
* '''Front Page Text''' – some text to place on front page.
* '''Login Page Text''' – some text to place on login page
* '''Show logo on first page''' - untick to hide logo on the start page
 

== Users ==

* '''Show Calls statistics to User for last''' – number of Calls statistics to show in days. For example, if you enter 5 days, users will only see 5 days old calls, they will not be able to check older calls.
* '''Show user_billsec for Users instead of billsec''' – shows user_billsec instead of billsec in Users invoices and last calls. Notice that Billsec shows real Call duration, user_billsec shows Call duration after minimal time or increment applied. For example, if user tariff has 60 sec minimal time and user made a Call for 20 sec, then billsec will show 20 sec and user_billsec will show 60 sec (minimal time is applied).
* '''Hide device passwords for users''' – do not display device passwords for users.
* ''' Hide Device username for Users''' – do not display device username for users.
* '''Hide payment options for postpaid users''' - will hide the payment option for all postpaid users (including Resellers if they are postpaid).
* '''Hide non-completed payments for user''' – hides non-completed payments (the ones which are started in MOR, but are not completed in a payment gateway website).
* '''Hide Recordings for all users''' – hides recordings for all system users from menu and device settings.
* '''Allow User to assign DID to Device''' – lets User to assign DID to Device.
* '''Allow User to assign DID to Trunk''' – lets User to Assign DID to Trunk.
* '''Do not allow users to change their email addresses'''
* '''Do not allow users to change their Personal Details'''
* '''Change ANSWER to FAILED if HGC not equal to 16 for Users''' – changes the Hangupcause for users in call reports from Answered to Failed if Hangupcause is not 16.
* '''Do not allow PREPAID User balance drop below zero (block them instead)'''
* '''Do not block POSTPAID User when balance goes bellow zero on subscription count'''
* '''Allow identical email addresses to different Users''' – allows creating Users or registering users with identical email addresses. After checking this setting you will be not able to check.

 

== Devices ==

* '''Device PIN length''' – length for automatically generated PIN codes for devices.
* '''Device range MIN''' – from which extension automatic extension assigning starts.
* '''Device range MAX''' – till which extension automatic extension assigning goes.
** For example, from this interval: [Device range MIN, Device range MAX] MOR will select extensions for newly created Devices.
* '''Random Device Extension''' – when creating device, random number from '''Device Range''' will be taken.
* '''Enable "Allowed addresses" option for Devices:''' – allows [[Device_settings#Allowed_Addresses | Allowed Addresses]] functionality in Devices settings.
* '''Do not allow duplicate device user names'''
* '''Inform when Devices are created or updated''' – check to get an email about every newly created or updated Device.
* '''Allow same IP and Port combinations in multiple Devices''' – allows creating Devices with the same IP and Port combination.
* '''Show Hostname/IP in Device list'''
* '''Change dahdi''' – Sometimes this is used to change "Zap" to something else in GUI, e.g. to "PSTN", mainly because not everybody knows what Zap stands for. PSTN is more common.

 

== Registration ==

'''SETTINGS –> Setup –> Settings –> Registration'''

* '''Enabled?''' – do we want to let users [[Online registration | register online]] automatically?
* '''Hide registration link in Login page?''' – tick this option if you do not want users to be able to register online.
* '''Default country'''
* '''Asterisk server IP''' – what IP should user connect his softphone/server to?
* '''Send Email to User after registration''' – just yes or no.
* '''Send Email to Admin after registration''' – just yes or no.
* '''Send Email To User after User was created''' – just yes or no.
* '''Send Email To Admin after User was created''' – just yes or no.
* '''[[ReCAPTCHA]] configuration'''
* '''[[User_Agreement|Terms and conditions]]'''
* '''Allow to create user and device with matching username and password''' – just yes or no. If this setting is not enabled - username and password from MOR GUI will have to be different than device's username and password.
* '''Enable VAT checking for EU companies''' – you can choose whether to check '''TAX Registration Number:''' during the [[Online registration]] or not. Done over [http://ec.europa.eu/taxation_customs/vies/?locale=lt EU page].
* '''Allow blank VAT for EU companies''' – allows to leave blank '''TAX Registration Number:''' field during the [[Online registration]]
 
===See also===

* [[Default user]]
 

== Invoices ==

'''SETTINGS –> Setup –> Settings –> Invoices'''

Invoice configuration is divided into '''Prepaid''' and '''Postpaid'''.
 
=== Settings ===

* '''Number start''' – how the invoice number should start.
* '''Number length''' – the length in digits AFTER Number Start – e.g. Number Start is not counted into this length. This value is active only for first number type.
* '''Number type''' – select more appropriate number format.
* '''Invoice period start''' – when invoices are issued, default is first day of the month.
* '''Show calls in detailed invoice''' – yes or no.
* '''[[Outstanding balance(Debt) | Show balance line]]''' – shows balance line in Invoice PDF files when Invoice is generated from first day of month till last one.
* '''Round finals to 2 decimals''' – round or not total in Invoices to 2 decimals.
* '''Use short file name'''
* '''Group Subscriptions''' - User's subscriptions will be grouped by service (only applies to PDF and XLSX invoice).
* '''Show Quantity''' - Show quantity of each service (only applies to PDF invoice).
* '''Invoice Page Limit:''' – invoice will be generated till this page limit. Additional page is added with an explanation that page limit was reached.
* ''' Rename 'DID owner cost' label in detailed PDF invoice:''' – text which will be used instead of '''DID owner cost''' in detailed PDF invoice.
* ''' Hide 'DID owner cost' line in detailed PDF invoice:''' – checkbox, which control whether or not DID owner cost should be shown in detailed PDF invoice.
* ''' Show Destination with Prefix in Detailed Invoice:''' - checkbox, if enabled, destination will be shown as '''Destination Name (prefix)'''.
* ''' Rename red 'INVOICE' label in Simplified PDF Invoice:'''
* ''' Rename red 'INVOICE' label in Detailed PDF Invoice:'''
* ''' Rename red 'INVOICE' label in PDF Invoice by CallerID:'''
* ''' Use rounded Invoice Details Prices to calculate Totals''' - use rounded sub-totals to calculate Invoice Total price.
 

=== Details ===

* '''Address format''' – changes field positioning in the invoice for the address. You must select it in order to show address in the invoice.
* '''Address line 1-4''' – address info.
* '''Bank details line 1-5''' – bank details info.
* '''Invoice balance line''' – line for balance (e.g. "Your current balance is")
* '''Invoice to pay Line'''
* '''End title''' – a title for the end of your invoice.

* '''Add Average rate in detailed invoice''' – adds average rate in detailed invoice.
* '''Show Time in Minute''' – shows time in mm:ss instead of hh:mm:ss, for example, not 02:13:42 but 133:42.
 

=== Additional ===

* '''Show additional details on separate page''' – enables additional custom page at the end of the invoice.
* '''Additional details''' – the information to be displayed in a custom page at the end of the invoice.
 
=== Functionality ===

* '''Invoice allow recalculate after send''' – allows recalculating invoices after being sent. This setting also allows to delete sent invoices.
* '''Do not generate Invoices for blocked Users''' - if enabled Invoices will not be generated for blocked Users.
* '''Rename "Calls" label''' - changes 'Calls' name for Simplified Invoices and new Invoice XLSX. If you want to apply new 'Calls' name for old XLSX, you should go to Settings > Invoices > XLSX and mark 'New XLSX template apply for old Invoices'
* '''Start value for Invoice numbers''' - defines number from which Invoices numeration should start.
* '''Duration Format:''' - time format in invoice. This setting applies for XLSX type invoices (and PDF invoices generated from XLSX invoice) and Invoice Details page. Available options - 'H:M:S', 'H:M', 'M'. When option 'M' is used, sub option Decimal places appear, where you can select precision.
* '''Invoice Group By: Prefix / Destination'''
* '''Show Rates:No / Yes'''
* '''Show Calls in CID Invoice (CSV)''' - if enabled, then CSV Invoice by CallerID will show a list of calls.
* '''Show Subscriptions total Selfcost in Invoices List CSV''' - enables additional columns at the Invoice List, when using Export to CSV: Agreement Number, Issue date, Subscriptions total Selfcost. Columns are enabled for Admin and Resellers.

 

=== XLSX ===
* '''XLSX Template''' - choose XLSX Template for Invoices.
* '''Send XLSX Invoices converted to PDF''' – If enabled XLSX invoices will be converted to PDF before sending over [[Invoices#Send_invoices_by_email_.28manual.29|Email]] or [[Cron_actions#Generate_Invoices_and_send_by_Email|using cron action]]
* '''Group regular Calls by Destination''' - Groups regular Calls be destination
 

===See also===

* [[Invoices]]
* [[Invoice configuration]]
 

== Emails ==

'''SETTINGS –> Setup –> Settings –> Emails'''

* ''' Sending globally enabled''' – if this is checked, you will be able to use Mass Mailing and the system will send emails upon user registration.
* ''' Add recipient first name and last name''' – if this is checked, it will show the user's first name and last name if they are entered in the User Settings.
* '''SMTP server''' – hostname of the server.
* '''Port''' – port of SMTP server.
* '''Login''' – username to your SMTP server.
* '''Password''' – password to your SMTP server.
* '''Batch size''' – value for Mass Mailing, or how many emails to send at once.
* '''From''' – email address to put into From: field in email. Acceptable formats are: '''example@email.com''' or '''John Smith <example@email.com>'''.
* '''Test email sending''' – save settings and press this to test email sending. Do not forget to save settings first!
* '''TLS''' – '''Auto''', '''Yes''' or '''No'''. Default '''Auto'''.

'''P.S. Remember to set admin's e-mail in admin's personal settings. Without this test email sending will not work!'''

 
===See also===

* [[Emails|Mass Emails]]
* [[Email variables]]
 

== Various ==

'''SETTINGS –> Setup –> Settings –> Various'''

* '''Allow login by email''' - allow users to log in by email instead of a username.
* '''Logout link''' – a user will be redirected to this link after pressing "Logout"
* '''Agreement number length''' – number length in digits.
* '''Google Maps API key''' - the setting is necessary for using the Google Maps functionality. For more on how to configure this key please check [[Get Google Maps key]].
* '''Chanspy is disabled globally'''
*'''Send Recordings space warning Email''' - sends Email to Admin once a day if recordings exceed space limit.
*'''Delete Tariff Jobs older than''' - deletes tariff jobs older than set days.
*'''Delete Automatic Tariff Import Inbox Messages older than''' - deletes automatic tariff import inbox messages older than set days.
* '''Server free space limit''' – indicator when system should inform admin about low [[Multi_Server_support|Server]] space. By default 20%. Notice will appear in [[Integrity Check]] and every hour will send an email "Low Disk Space Alert". Which template can be found and edited on [[Emails]] page. Information about the Server and the remaining free space will be provided.
* '''Days for DID to close''' – how long to keep DID closed before making it free.
* '''DID for Unassigned DID''' - this feature is used for calls coming from providers to system DIDs. Allows redirecting call to specific DID if client dials nonexistent DID. If empty, then this feature is disabled and a call will be terminated with [http://wiki.kolmisoft.com/index.php/207_Not_clear_who_should_receive_call 207 Not clear who should receive call] hangup code.
* '''Play IVR for unauthenticated call'''
* '''Banned CLIs default IVR''' – default IVR to route banned numbers.
* '''Default Music On Hold''' - allows to select Default Music On Hold.
* '''Use Extension in CallerID for Local Calls''' - overwrites original CallerID with Device Extension when making local calls. Outside calls are not affected by this setting.
* '''Call Forwarding CallerID (via call)''' - allows to manage CallerID when [http://wiki.kolmisoft.com/index.php/Call_Flow#Change_Forward_action_by_Call forwarding is set by call].
* '''Force Users to use forwarding CallerID (via GUI)''' – possible options: '''Empty''' (the user will have all options available), '''From Device, Same as comes, Sames as comes - with Diversion'''.
** When forwarding with Diversion, Diversion header can be customized by changing the value in the input field. For example value '''${MOR_SIP_TO};reason=unconditional''' will result in Diversion header with an additional parameter ''';reason=unconditional''' (here '''${MOR_SIP_TO}''' will be expanded to initial SIP To URI <nowiki><sip:xxxxxx></nowiki>). If no value is set, then the default value '''${MOR_SIP_TO}''' (initial SIP To URI) will be used. Other Asterisk/MOR core variables can be used here as well..
* '''Enable "Allowed addresses" option for Providers:''' – allows Allowed Addresses functionality in Providers settings.
*'''Allow forward from Resellers''' - enables advanced device option: Allow forward from Resellers. More information about option in [https://wiki.kolmisoft.com/index.php/Device_settings#Advanced device settings].

== Tax ==

'''SETTINGS –> Setup –> Settings –> Tax'''

Settings are explained here: [[Multi-Tax system]]
 
== Backups ==

'''SETTINGS –> Setup –> Settings –> Backups'''

Configuration is explained here: [[Backup system]]
 
== API ==

'''SETTINGS –> Setup –> Settings –> API'''

* '''Allow API''' – enable/disable API.
* '''Allow GET API''' – enable/disable GET in API - use only for testing!
* '''API Secret Key''' – secret key for API. This will be used as a password for signing queries to the MOR API. Check [[MOR_API | MOR API documentation]] for more information
* '''XML API Extension''' – .NET does not follow standards (surprise!); enable this setting if you are using it to get XML starting with HTTP tags.
* '''Allow API Login Redirect''' – enable/disable
* '''API allow registration''' – enable/disable registration through API
* '''API allow Payments''' – enable/disable payments through API
* '''API Payment confirmation''' – enable/disable payments confirmation through API
* '''[[Balance_in_phone|Allow devices to check balance over HTTP]]''' – enable/disable device balance checking
* '''[[MOR_API_rate_get|Allow devices to check rate over HTTP]]''' – enable/disable device rate checking
* '''Disable hash checking''' – lets you skip hash parameter using API
* '''Uniquehash''' – shows your uniquehash
* '''Send Email To Admin after API/Manual Payment''' - sends an email to Admin after API/Manual payment. Email Template name: manual_payment_email
* '''Send Email to User after API/Manual Payment''' - sends an email to the user after API/Manual payment. Email Template name: manual_payment_email_for_user
* '''Send Email To Admin after API/Balance Update''' - sends an email to Admin after API/Balance Update. Email Template name: balance_update_email

 
'''Restrict API access by IP''' 
When this option is enabled together with '''Allow API globally''', the system accepts [[MOR API]] and [[MOR API v2]] requests only from IPv4 client addresses that have '''Allow API access''' enabled on [[Whitelisted IPs]] (GUI whitelist or IP authenticated Device or Provider table). Default is '''off''', which keeps the previous behavior (any client IP is allowed, subject to normal API settings and permissions).

If you enable restriction while '''no''' Whitelisted IP has '''Allow API access''' checked, the API tab shows a warning that API calls may be denied until you configure at least one allowed IP on [[Whitelisted IPs]].

Turning '''Allow API globally''' off also clears '''Restrict API access by IP''' when settings are saved.

 
===See also===

* [[Whitelisted IPs]] — '''Allow API access''' per IP (both tables on that page)
* [[MOR API]] — legacy XML API
* [[MOR API v2]] — REST API
* [[Action log]] — optional logging of denied API attempts by IP

 

== Functionality ==

'''SETTINGS –> Setup –> Settings –> Functionality'''
 
===FAX===

* '''Fax device enabled''' – enable/disable Fax device in MOR. When admin enables FAX, Functionality tab appears in Reseller's GUI configuration. He can then enable or disabled fax for his own users himself.
* '''Fax2Email From Sender''' – there is a field "From:" in an email form. When MOR sends Fax to Email, "Fax2Email From Sender" value is displayed in "From:" field.
* '''Allow Users to change FAX email''' - allow simple Users to add/remove/edit FAX emails in FAX Devices.
* '''Fax2Email Email Template''' - [[Emails|email template]] to be used for Fax2Email emails. "None" means the default Asterisk template.
 

===CSV===

* '''CSV Column Separator''' – how columns are separated in imported/exported CSV files.
* '''CSV Decimal Separator''' – how decimal parts in numbers are separated in imported/exported CSV files.
* ''' Archive CSV file when size reaches''' – if CSV file reaches a certain size, the system will archive it to save time to download it (0 means to archive always)
 
===Active Calls===

* '''How many maximum [[Active_Calls|Active Calls]] to show in GUI''' – how many [[Active_Calls| Active Calls]] to show in GUI
* '''[[Active_Calls| Active Calls]] refresh interval''' – [[Active_Calls|Active Calls]] refresh interval in seconds
* '''Show [[Active_Calls|Active Calls]] for Users''' – tick if you want to allow users to see [[Active_Calls|Active Calls]]
* '''Show Servers in [[Active_Calls|Active Calls]]'''
* '''Show DIDs in [[Active_Calls|Active Calls]]'''
* '''Show localized Source in [[Active_Calls|Active Calls]]''' - if set, [[Active_Calls|Active Calls]] will show callerid number after localisations (if any) have been applied.
* '''Show Originators' Device IP in [[Active_Calls|Active Calls]]'''
 

===Last Calls===

* '''Limit PDF size in Last Calls to''' - limits how many pages can be exported from Last Calls to PDF. It takes a lot of system resources to generate PDF files therefore this limit should be low enough to prevent high load on system.
* '''Show Device and its CallerID in Last Calls''' – shows additional column in [[Last Calls]] page with Device and its CallerID information. Click to reach that Device settings page.
* '''Show DID User instead of DID Device User in Last Calls''' - if enabled, shows DID User in Last Calls User/Name column instead of DID Device User. This option is relevant when incoming Provider calls DID that belongs to User A and is assigned to User's B Trunk. If option is enabled, User A will be shown. If option is disabled, User B will be shown.
* '''Show Terminated by in Last Calls''' - show Terminated By column in [[Last Calls]], calls CSV/PDF export, and adds the possibility to select this column in [[CDR Export Templates]].
* '''Show Usernames on PDF/CSV Export Files in Last Calls''' – if checked, when a particular User in the Last Calls page search is selected, the Last Calls PDF/CSV file name will be composed also of the Name of selected User. If you are looking for All Users, no User Name will be used. (Name of the User will be shown in Name of the CSV/PDF file).
 

===Tariffs/Rates===

* '''Show rates for users''' – allows users to see rates
* '''Show rates without Tax''' – shows rates without TAX
* '''Show [[Advanced_Rates|Advanced Rates]] for users''' – allows users to see [[Advanced_Rates|Advanced Rates]]
* '''Show zero rates in LCR tariff export:''' – shows zero rates in LCR tariff exported file.
* '''Delete outdated Rates after''' - Delete outdated Rates after some dates.
* '''Show Ghost percent column in Tariffs:''' – if enabled, the Ghost percent column will be shown in the tariff. Default disabled.
NOTE: if [[Custom Rates]] and/or Tariff Rates are set for the user, only the custom rates will be shown in the details of destination rates.
 

===Statement of Account===
* ''' PDF Settings ''' - allows to put Address lines of PDF file for Statement of Account.
*Address line 1: Street Address
*Address line 2: City, Country
*Address line 3: Phone, fax
*Address line 4: Web, email
*Bank details line 1
*Bank details line 2
*Bank details line 3
*Bank details line 4
*Bank details line 5
*Bank details line 6
*Bank details line 7
*Bank details line 8
 

==Privacy==

'''SETTINGS –> Setup –> Settings –> Privacy'''

* '''[[Privacy_to_hide_Destination_ends|Privacy to hide Destination ends]]'''
* '''[[GDPR]] Activated''' – hides User data with notification "Data hidden due GDPR. Press to show data (action will be logged)". Valid for Admin, Accountant, Reseller and Partner.

== Visual ==

'''SETTINGS –> Setup –> Settings –> Visual'''

* '''Items per page (Setting high value can cause performance issues)''' – the number of items to display per one page
* '''[[Global_date_format| Default date format]]''' – System default date format
* '''Default Time Format''' – System default time format
* '''Default Hour Format''' - System default hour format
* '''Default Number Decimal''' – with this option you can set default number decimal for all GUI
* '''Number digits''' – how many digits to display after a comma
* '''Hide Quick Stats in Start page''' – hide Quick stats from start page
* '''Hide "Information about this page" link''' – hide HELP banner in GUI
* '''Hide "I want to" help links'''
* '''[[Remove_Manual_link_from_admin_GUI|Hide "Manual" link]]''' – hides "Manual" link
*'''Hide Provider Payments from User Payment List''' - default off.
* '''Show Full Source (CallerID Name and Number)'''
* '''Use <> brackets in CDR export''' - changes brackets in CDR export
* '''Show only main page''' – this is a very advanced feature for those who want to hide default MOR menu tree on the left so that they could build their own menu using advanced techniques without modifying MOR GUI sources.
* '''Show forgot password''', because this functionality requires a unique email in the system. The setting can be unchecked if all emails are unique in the system.
** '''From Device''' - puts CallerID for the Device that is forwarding the call. If Device CallerID is empty, then the originator's CallerID will be used.
** '''Same as comes - unchanged''' - leaves the CallerID as it comes from the originator.
** '''Same as comes - with Diversion''' - leaves the CallerID as it comes from the original caller and additionally adds SIP header Diversion with CallerID from the Device that is forwarding the call (header will not be added if Device does not have CallerID set).
* '''Show forgot password''' – turns on '''[[MOR_forgot_user_password | Forgot password]]''' functionality.
* '''Show detailed Quick Stats''' - shows modified quick stats of first page.
* '''Show Replication Broken warning only for Admin''' - if enabled, shows Replication Broken warning message only for Admin account.
* '''Change LCR priority by using drag and drop'''
* '''New Menu Active''' - if enabled, changes main menu to the new structure.
* '''Dropdown field in User's subscriptions''' - enables old style Service selection in Subscription form.
* '''Show entered Destination only for Users''' - show the Destination numbers for Users that were entered by them and not Destination numbers after Localization.
* '''Show Company Name column in Users page''' - show "Company Name" column in Users list page.
 

== Server load ==

'''SETTINGS –> Setup –> Settings –> Server load'''
 
Settings for GUI Server and Database Server

* '''HDD utilisation higher than''' – Percentage of CPU time during which I/O requests were issued to the device (bandwidth utilization for the device).
* '''CPU General Load higher than''' – CPU General load higher than – Percentage of the CPU for user processes.
* '''CPU Load Stats 1 higher than''' – average load per one minute on the system
* '''CPU MySQL process higher than''' – Percentage of the CPU for MySQL process
* '''CPU Ruby process higher than''' – Percentage of the CPU for Ruby process
* '''CPU Asterisk process (if present) higher than''' – Percentage of the CPU for Asterisk process
* '''Delete Server Load Stats older than''' – deletes internal servers load statistics older than defined number of days.
 

== Calls ==

'''SETTINGS –> Setup –> Settings –> Calls'''
* '''Retrieve PCAP files from the Proxy Server''' – default off. Works only when CCL module is activated.

* '''SQL Max Execution Time''' - max execution time in seconds for SQL query. The default time is 300 seconds (5 minutes). Used in Statistics pages (Calls List export and similar).
 
[[Archived calls]]
 

== FTP ==
Please fill up FTP server details if you want to store Archived calls or/and Backups to FTP server.

* '''IP''' - Enter FTP server IP.
* '''Port''' - Enter FTP server Port.
* '''Username''' - Enter FTP server Username.
* '''Password''' - Enter FTP server Password.
* '''Path for Archived Calls''' - Enter Path for Archived Calls.
* '''Path for Backups''' - Enter path for Backups.
* '''Path for CDR Export''' - Enter path where to export CDRs.
 

== SFTP ==
Please fill up SFTP server details if you want to use SFTP for [[Automatic CDR Export]].

* '''IP''' - IP of the SFTP server.
* '''Port''' - Port of the SFTP server.
* '''Username''' - Username to connect to SFTP server.
* '''Password''' - Password to connect to SFTP server.
* '''Use SSH key''' - Use SSH key configured as described [[Configure SSH connection between servers|here]].
* '''Path for CDR Export''' - Path in SFTP server where to export CDRs.
* '''Skip CA verification''' - skips SFPT servers CA verification. Try to enable it if the test passes, but if the upload fails. Adds the --insecure option as described here https://curl.se/docs/sslcerts.html
* '''Path to CA Certificate''' - optional. Allows specifying a custom CA store. Adds the --cacert [file] option as described here https://curl.se/docs/sslcerts.html
 

== Security ==
* '''Allow short passwords in devices''' - by default, device passwords are expected to be longer than 7 characters. If enabled, MOR will permit shorter device passwords.
* '''Use strong passwords for users'''
* '''Admin login with approved IP only''' - security measure which allows to approve IP's that try to [[MOR_Login_with_approved_IP%27s|login with Admin Account]].
* '''Enable IP report warning on login failure''' - show [[MOR_Login_Failure_Report|warning]] on unsuccessful login attempts.
* '''Logout after password change''' - terminates all sessions of the User whose password is changed.
* '''Logout after closing browser window''' - terminates all sessions of the User after closing browser window.
* '''Do not logout on session IP change''' - do not logout from MOR GUI if IP is changed.
* '''2FA Enabled''' - Enables two factors authentication. Two factors authentication requires to enter emailed code during login to user account. '''2FA Enabled must be also enable on individual [[User_Details|User settings]] to make it work for that User.'''
** '''Email Template''' - [[Emails|email template]] used to send the code.
** '''Code length (digits)''' - code length.
** '''Code Enter Attempts Allowed''' - number of attempts to enter the code correctly. Code expires after this number of failed attempts.
** '''Code Enter Time Allowed''' - code is valid for this amount of time.
** '''Send Notification Email to Admin on Login''' - allows admin to get email notification on login.
*** '''Email Template''' - [[Emails|email template]] used to notify admin.
*** '''On Admin Login''' - get notification on login to Admin's account.
*** '''On User Login''' - get notification on login to User's accounts.
** '''Send Notification Email on Login''' - allows this mailbox to get email notification on login.
*** '''Email Template''' - [[Emails|email template]] used to notify.
*** '''On Admin Login''' - get notification on login to Admin's account.
*** '''On User Login''' - get notification on login to User's accounts.
 

=See also=

* [[Server is overloaded]]

Whitelisted IPs

2026-06-02T16:28:27Z

Admin:

'''Whitelisted IPs''' can be used from '''Admin''' account and from '''Accountant''' account with Monitoring permissions enabled.

From the Admin account, go to '''SETTINGS -> Security -> Whitelisted IPs''' to manage Whitelisted IPs.

An IP can be whitelisted by entering valid input values and by clicking the '''Whitelist''' icon.

'''The range of IPs''' can be added in a format like '''192.168.0.1-5''', which would result in multiple entries being created (192.168.0.1, 192.168.0.2, 192.168.0.3, 192.168.0.4 and 192.168.0.5).

All the Whitelisted changes will be active in '''one minute after they have been applied.''' Country information (flag) can take up to one hour to appear.
 
[[File:mor_whitelist_ips_list.png]]
 
The Comment can be added to the Reason field. If the Reason is not specified, then it will be set to "MOR-WHITELIST-GUI".

If the country to which the IP belongs is blocked in [[Blocked Countries]], but the IP is added to '''Whitelisted IPs''', it means that the whole country is blocked except for the whitelisted IP.

'''Search''' functionality allows checking if the entered IP exists in the list.

Wildcard '''%''' is available to use in the search.

 
= Whitelisted IP format =
It is possible to block IPs in such a format:
* Single IP, for example, '''2.2.2.2'''
* Subnet in CIDR notation, for example, '''2.2.2.0/24'''. Please note that CIDR notation will be converted into the canonical format automatically. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
* IP range in format x.x.x.x-xx, for example '''2.2.2.1-125'''. Please note that all IPs in the range will be whitelisted as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.
 

 
= Allow API access =

Each entry on the '''Whitelisted IPs''' page can be marked '''Allow API access'''. This flag does '''not''' change whether the server accepts network traffic from that IP (GUI whitelist and IP-authenticated device rules work as before). It only controls whether that IP may use the [[MOR API]] and [[MOR API v2]] when '''Restrict API access by IP''' is turned on under [[Configuration from GUI]].

 
==== GUI whitelist (upper table) ====

The upper table lists IPs added through '''Whitelisted IPs''' (network whitelist managed from the GUI). For each row you can:

* Set '''Allow API access''' when adding a new IP (checkbox in the add row).
* Toggle '''Allow API access''' on '''active''' rows (checkbox in the list). The checkbox is not available while a row is still being applied or removed (grey “in progress” state — same as '''Remove''').
* Single IPs and CIDR prefixes (for example, <code>198.51.100.0/24</code>) are supported for API matching when the flag is enabled.

 
==== IP authenticated Device or Provider (lower table) ====

The lower table lists IPs taken from the'''IP authenticated Device or Provider''' configuration (devices or providers that authenticate by source IP). These are '''not''' the same as GUI whitelist rows, but you can grant them API access the same way:

* Use the '''Allow API access''' column to allow or deny API calls from that IP when '''Restrict API access by IP''' is enabled.
* Checking or clearing the box affects '''API access only'''. It does '''not''' add or remove the device’s IP-authentication or SIP whitelist rules on the server.

If the same IPv4 address appears in both tables, either entry with '''Allow API access''' enabled is sufficient for API calls when the restriction is in effect.

 
==== When restriction is enabled ====

With '''Restrict API access by IP''' enabled (see [[Configuration from GUI]]):

* Legacy XML API and [[MOR API v2]] requests are accepted only from client IPv4 addresses that match a row with '''Allow API access''' enabled (exact IP or CIDR).
* Rows that are still being whitelisted in the GUI (pending state) are treated as allowed for API purposes for a short time so you are not locked out while the server applies the change.
* If restriction is on and '''no''' row has '''Allow API access''' enabled, API calls are denied until you flag at least one IP on this page or in API settings.

The diagnostic endpoint '''GET /api/v2/ip_access/status''' (see [[MOR API v2]]) remains available to check an IP's block/whitelist status; it is not blocked by this restriction. Other API permissions (user ACL, Allow API globally, and so on) still apply.

Denied API calls from disallowed client IPs may be logged in the [[Action log]] (first deny per client IP within a short interval). Further repeated denials from the same IP are limited to reduce log noise.

 
= See also =

* [[Blocked IPs]]
* [[How to block someone's IP]]
* [[How to block country IP]]
* [[How to add Fail2ban exception for my IP]]
* [[Monitorings Addon]]
* [[Configuration from GUI]] — '''Restrict API access by IP''' and '''Allow API globally'''
* [[MOR API]] — legacy XML API
* [[MOR API v2]] — REST API, including IP access status
* [[Monitorings Addon]] — block/whitelist monitoring features
* [[Blocked IPs]] — block list (separate from API allow flag)

Whitelisted IPs

2026-06-02T16:27:40Z

Admin:

'''Whitelisted IPs''' can be used from '''Admin''' account and from '''Accountant''' account with Monitoring permissions enabled.

From the Admin account, go to '''SETTINGS -> Security -> Whitelisted IPs''' to manage Whitelisted IPs.

An IP can be whitelisted by entering valid input values and by clicking the '''Whitelist''' icon.

'''The range of IPs''' can be added in a format like '''192.168.0.1-5''', which would result in multiple entries being created (192.168.0.1, 192.168.0.2, 192.168.0.3, 192.168.0.4 and 192.168.0.5).

All the Whitelisted changes will be active in '''one minute after they have been applied.''' Country information (flag) can take up to one hour to appear.
 
[[File:mor_whitelist_ips_list.png]]
 
The Comment can be added to the Reason field. If the Reason is not specified, then it will be set to "MOR-WHITELIST-GUI".

If the country to which the IP belongs is blocked in [[Blocked Countries]], but the IP is added to '''Whitelisted IPs''', it means that the whole country is blocked except for the whitelisted IP.

'''Search''' functionality allows checking if the entered IP exists in the list.

Wildcard '''%''' is available to use in the search.

 
= Whitelisted IP format =
It is possible to block IPs in such a format:
* Single IP, for example, '''2.2.2.2'''
* Subnet in CIDR notation, for example, '''2.2.2.0/24'''. Please note that CIDR notation will be converted into the canonical format automatically. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
* IP range in format x.x.x.x-xx, for example '''2.2.2.1-125'''. Please note that all IPs in the range will be whitelisted as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.
 

 
=== Allow API access ===

Each entry on the '''Whitelisted IPs''' page can be marked '''Allow API access'''. This flag does '''not''' change whether the server accepts network traffic from that IP (GUI whitelist and IP-authenticated device rules work as before). It only controls whether that IP may use the [[MOR API]] and [[MOR API v2]] when '''Restrict API access by IP''' is turned on under [[Configuration from GUI]].

 
==== GUI whitelist (upper table) ====

The upper table lists IPs added through '''Whitelisted IPs''' (network whitelist managed from the GUI). For each row you can:

* Set '''Allow API access''' when adding a new IP (checkbox in the add row).
* Toggle '''Allow API access''' on '''active''' rows (checkbox in the list). The checkbox is not available while a row is still being applied or removed (grey “in progress” state — same as '''Remove''').
* Single IPs and CIDR prefixes (for example, <code>198.51.100.0/24</code>) are supported for API matching when the flag is enabled.

 
==== IP authenticated Device or Provider (lower table) ====

The lower table lists IPs taken from the'''IP authenticated Device or Provider''' configuration (devices or providers that authenticate by source IP). These are '''not''' the same as GUI whitelist rows, but you can grant them API access the same way:

* Use the '''Allow API access''' column to allow or deny API calls from that IP when '''Restrict API access by IP''' is enabled.
* Checking or clearing the box affects '''API access only'''. It does '''not''' add or remove the device’s IP-authentication or SIP whitelist rules on the server.

If the same IPv4 address appears in both tables, either entry with '''Allow API access''' enabled is sufficient for API calls when the restriction is in effect.

 
==== When restriction is enabled ====

With '''Restrict API access by IP''' enabled (see [[Configuration from GUI]]):

* Legacy XML API and [[MOR API v2]] requests are accepted only from client IPv4 addresses that match a row with '''Allow API access''' enabled (exact IP or CIDR).
* Rows that are still being whitelisted in the GUI (pending state) are treated as allowed for API purposes for a short time so you are not locked out while the server applies the change.
* If restriction is on and '''no''' row has '''Allow API access''' enabled, API calls are denied until you flag at least one IP on this page or in API settings.

The diagnostic endpoint '''GET /api/v2/ip_access/status''' (see [[MOR API v2]]) remains available to check an IP's block/whitelist status; it is not blocked by this restriction. Other API permissions (user ACL, Allow API globally, and so on) still apply.

Denied API calls from disallowed client IPs may be logged in the [[Action log]] (first deny per client IP within a short interval). Further repeated denials from the same IP are limited to reduce log noise.

 
= See also =

* [[Blocked IPs]]
* [[How to block someone's IP]]
* [[How to block country IP]]
* [[How to add Fail2ban exception for my IP]]
* [[Monitorings Addon]]
* [[Configuration from GUI]] — '''Restrict API access by IP''' and '''Allow API globally'''
* [[MOR API]] — legacy XML API
* [[MOR API v2]] — REST API, including IP access status
* [[Monitorings Addon]] — block/whitelist monitoring features
* [[Blocked IPs]] — block list (separate from API allow flag)

MOR - Blocked IPs

2026-06-02T14:32:07Z

Admin: /* Blocked IP format */

This page allows you to block IP addresses in the MOR's GUI.

'''Blocked IPs''' can be used from '''Admin''' account and from '''Accountant''' account with Monitoring permissions enabled. From Admin account, go to '''Security -> Blocked IPs''' to manage blocked IPs. An IP can be blocked by entering valid input values and by clicking the '''Block''' icon. The to-be-blocked IP '''must not''' be local or a current server IP. By clicking on the Unblock icon, an IP is unblocked. All the blocking/unblocking changes will be active in '''one minute after they have been applied.''' Country information (flag) can take up to one hour to appear.
 
[[File:Mor blocked ips list.png]]
 
When IP is blocked manually, the reason is: MOR-BLOCKED-IP-FROM-GUI. When IP is automatically blocked by MOR, the reason says: fail2ban-AST_CLI_Attack. Below you see an example of how it looks in the GUI:
 
[[File:Blocekd_IPs_example.png]]
 
Explanation of the values given in the '''Reason''' column can be found [[How_to_be_secure_using_MOR#Additional_software_to_increase_MOR_system_security|here]]. Reason "INPUT" means that IP was blocked manually by using these instructions: [[How to block someone%27s IP]]
 
Reasons why IP was not blocked: 
IP is incorrect or blank 
IP is already blocked for this server 
Cannot block server IP 
IP address is private 
IP address is local 

You can search blocked IP. Possible search by a single IP or for the range using wildcard ''%'', like in the example.
 
[[File:blocked_ips_search_mor.png]]
 
= Blocked IP format =
It is possible to block IPs in such a format:
* Single IP, for example, '''2.2.2.2'''
* Subnet in CIDR notation, for example, '''2.2.2.0/24'''. Please note that CIDR notation will be automatically converted to the canonical format. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
* IP range in format x.x.x-xx, for example '''2.2.2.1-125'''. Please note that all IPs in the range will be blocked as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.

 

=See Also=

* [[How to block someone's IP with iptables]]
* [[How to block country IP]]
* [[How to add Fail2ban exception for my IP]]
* [[Whitelisted IPs]]

MOR - Blocked IPs

2026-06-02T14:31:54Z

Admin: /* See Also */

This page allows you to block IP addresses in the MOR's GUI.

'''Blocked IPs''' can be used from '''Admin''' account and from '''Accountant''' account with Monitoring permissions enabled. From Admin account, go to '''Security -> Blocked IPs''' to manage blocked IPs. An IP can be blocked by entering valid input values and by clicking the '''Block''' icon. The to-be-blocked IP '''must not''' be local or a current server IP. By clicking on the Unblock icon, an IP is unblocked. All the blocking/unblocking changes will be active in '''one minute after they have been applied.''' Country information (flag) can take up to one hour to appear.
 
[[File:Mor blocked ips list.png]]
 
When IP is blocked manually, the reason is: MOR-BLOCKED-IP-FROM-GUI. When IP is automatically blocked by MOR, the reason says: fail2ban-AST_CLI_Attack. Below you see an example of how it looks in the GUI:
 
[[File:Blocekd_IPs_example.png]]
 
Explanation of the values given in the '''Reason''' column can be found [[How_to_be_secure_using_MOR#Additional_software_to_increase_MOR_system_security|here]]. Reason "INPUT" means that IP was blocked manually by using these instructions: [[How to block someone%27s IP]]
 
Reasons why IP was not blocked: 
IP is incorrect or blank 
IP is already blocked for this server 
Cannot block server IP 
IP address is private 
IP address is local 

You can search blocked IP. Possible search by a single IP or for the range using wildcard ''%'', like in the example.
 
[[File:blocked_ips_search_mor.png]]
= Blocked IP format =
It is possible to block IPs in such a format:
* Single IP, for example, '''2.2.2.2'''
* Subnet in CIDR notation, for example, '''2.2.2.0/24'''. Please note that CIDR notation will be automatically converted to the canonical format. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
* IP range in format x.x.x-xx, for example '''2.2.2.1-125'''. Please note that all IPs in the range will be blocked as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.

 
=See Also=

* [[How to block someone's IP with iptables]]
* [[How to block country IP]]
* [[How to add Fail2ban exception for my IP]]
* [[Whitelisted IPs]]

Automatic CDR Export

2026-06-02T14:16:03Z

Admin:

Automatic CDR Export allows to create periodic CDR Export tasks that will be executed automatically on configured time with specific query parameters. Exported data will be archived and sent via Email to User or specific Email address.

==CDR Export Templates==

Automatic CDR Export requires to create at least one [[CDR_Export_Templates|CDR Export Template]] so be sure to create one before proceeding.

==Automatic CDR Export==

Automatic CDR export is configured in '''SETTINGS''' -> '''Billing''' -> '''CDR''' -> '''Export''' -> '''Automatic''':

[[File:Automatic cdr export menu.png]]

Here you will find a list of already configured Automatic CDR Exports:

[[File:Mor automatic cdr export list.png]]

In this list you may active/deactive CDR export tasks, edit or delete existing tasks and create new ones by pressing '''Add new Automatic CDR Export'''.

Note that '''Last run at''' and '''Next run at''' are shown in timezone defined by '''Time Zone''' setting.

==New Automatic CDR Export==

[[File:Automatic cdr export create.png]]

When creating new Automatic CDR Export you will see two sections: '''Query''' and '''Settings'''.

===Query section===

This section is very similar to filters in Last Calls page. You can set various filters for CDR Export query. These filters work in the same way as they work in Last Call page therefore you may test you query in Last Calls page and if you are happy with result, set same parameters in this Query section.

Note that date filters (From and Till) are missing. These filters depend on CDR Export '''Repeat period''' and will be described bellow.

===Settings section===

====Name====

Name is only for information purposes. This name is shown in Automatic CDR Export list.

====Time Zone====

Time Zone is important setting and should be set correctly depending on situation. All other time related settings will use this Time Zone.

For example, if you want to generate daily CDR Export to your User who lives in specific region, let’s say London, you should set timezone to '''GMT (+00:00) London'''. This way User will get CDR data starting from 00:00:00 till 23:59:59 '''in User’s timezone'''.

Server and User may be in different timezones therefore it is important to set Time Zone to User’s timezone if you intend to generate CDR for this User.

Another thing to consider is when you set '''Start CDR Export at''' setting (will be described later). This variable will also depends on Time Zone setting. For example, maybe you server off-peer hours are 00:00:00 - 06:00:00, but in selected Time Zone off-peer hours may be different.

====Repeat period====

Repeat period defines how often CDR Export is executed and which period is used for data retrieval. For this reason Query section is missing From and Till.

Note that this setting depends on Time Zone variable.

=====Hourly=====

CDR export will be executed each hour. CDR data will correspond to whole '''previous''' hour.

For example, if CDR export was executed on 2016-11-11 10:00:00, then CDR will be for 2016-11-11 09:00:00 - 2016-11-11 09:59:59 period.

In other words, it will work as if you set From to 2016-11-11 09:00:00 and Till to 2016-11-11 09:59:59 in date filters.

=====Daily=====

CDR export will be executed each day. CDR data will correspond to whole '''previous''' day.

For example, if CDR export was executed on 2016-11-11 00:00:00, then CDR will be for 2016-11-10 00:00:00 - 2016-11-10 23:59:59 period.

=====Weekly=====

CDR export will be executed each week. CDR data will correspond to whole '''previous''' week.

For example, if CDR export was executed on 2016-11-14 00:00:00 (monday), then CDR will be for 2016-11-07 00:00:00 (monday) - 2016-11-13 23:59:59 (sunday) period. Data period is always monday - sunday.

=====Bi-weekly=====

CDR export will be executed each twice a month. CDR data will correspond either to 1-15 day of month or 16 - end of month.

For example, if CDR export was executed on 2016-11-16 00:00:00, then CDR will be for 2016-11-01 00:00:00 - 2016-11-15 23:59:59 period. If CDR export was executed on 2016-12-01 00:00:00, then CDR will be for 2016-11-16 00:00:00 - 2016-11-30 23:59:59 period.

=====Monthly=====

CDR export will be executed each month. CDR data will correspond to whole '''previous''' month.

For example, if CDR export was executed on 2016-11-01 00:00:00, then CDR will be for 2016-10-01 00:00:00 - 2016-10-31 23:59:59 period. Data period is always first day of the month - last day of the month (whole month).

If you choose specific day of the month, for example, 15, then CDR will be generated for 2016-10-15 00:00:00 - 2016-11-14 23:59:59 and will be sent at 2016-11-15 00:00:00

*Example.
Today is 15th of April.
If we choose 14th or 15th day (Past or Today), then CDR will be generated only next month.
If we choose 17th day (Future), then CDR will be generated for previous month till 16th of April 23:59:59

=====Only once=====

CDR export will be executed on specific date and time. Also, in Query section two additional filters will be displayed - From and Till. These filters allow to specify date period for CDR Export query (in selected Time Zone).

====Start CDR Export at====

If you have selected '''Daily''', '''Weekly''', '''Bi-weekly''' or '''Monthly''' periods, you may select specific hours when Automatic CDR export should be executed. This is useful because you may choose off-peek hours. Automatic CDR Export is executed only during selected hour period.

If you have selected '''Only once''' period, you have to set full date (days and hours). This is because '''Only once''' is not periodic and should have specific date and time.

Things to consider:

* Choose off-peek hours, this will reduce load on system;
* Be carefull when midnight is selected (00:00) because User may start new Call just before midnight and that Call may last for more than an hour. In this case, you may want to start CDR export few hours after midnight so all User’s Calls have time to finish;
* Hourly period may be inaccurate for the reason described above.

Note that this setting depends on Time Zone variable.

====Template====

Select which [[CDR_Export_Templates|CDR Export Template]] to use.

====Filename Prefix====

Select a prefix of how file name will be started from.

==== Archive extension====

Select extension type to archive: tgz, zip or gzip

====Send CDR to====

Select who should receive CDR Export. It can be either User, a specific Email address, an FTP, or an SFTP server. If User is selected then Email address will be taken from Users settings (make sure that User has email).

Also make sure that email sending is configured correctly.

CDRs will be '''archived''' and sent to User/Email.

If archive is sent successfully, User should receive success email which can be customised in [[Email_variables#CDR_Export|Emails]] settings. CDR archive will be attached.

'''Note:''' archive size is limited to '''10MB'''! If CDR archive is larger, then archive will not be sent via Email and User will receive error Email instead.

'''Note:''' if '''Custom Email''' option is yous and you want to send CDRs to more than one email, please separate the emails with ''';''' sign.

'''FTP''' - Please fill FTP server details at [https://wiki.kolmisoft.com/index.php/Configuration_from_GUI#FTP FTP] tab.

'''SFTP''' - Please fill SFTP server details at [https://wiki.kolmisoft.com/index.php/Configuration_from_GUI#SFTP SFTP] tab.

==Next run at==

In Automatic CDR Export list you should see '''Next run at''' column. This shows date and time (in selected Timezone) when CDR export will be executed.

What happens when you create new Automatic CDR Export? When CDR Export will be executed? It depends on Repeat period. New Automatic CDR Export is executed '''on next period'''. For example, if you have created '''Hourly''' Automatic CDR Export on 2016-11-11 09:11:45, then the first time CDR Export is executed will be on 2016-11-11 10:00:00.

If you have created '''Daily''' Automatic CDR Export on 2016-11-11 09:11:45, then the first time CDR Export is executed will be on 2016-11-12 00:00:00.

If you have created '''Monthly''' Automatic CDR Export on 2016-11-11 09:11:45, then the first time CDR Export is executed will be on 2016-12-01 00:00:00.

Of course hours may be different depending on '''Start CDR Export at''', but the idea is that CDR Export is executed on next period, either it is next hour, next day, next week or next month.

==File names==

CDR Export output is a CSV file compressed in tgz archive. Filename is based on dates, for example if CDR Export was executed for 2016-11-01 00:00:00 - 2016-11-30 23:59:59 period, then file names will be:

'''CSV filename:''' MOR_CDR_export_20161122_000000_20161122_235959.csv 
'''TGZ filename:''' MOR_CDR_export_20161122_000000_20161122_235959.tgz

==CDR Export and performance==

CDR Export is resource intensive task. Consider having as little Automatic CDR Export tasks as possible. Also shorter Repeat periods have better peformance.

It is advisable to set '''Start CDR Export at''' to off-peak hours. Also,''' Start CDR Export at''' allows to spread tasks across hours during the day.

==How old CDR Export tasks are handled==

There might be situations when script responsible for CDR Export functionality was not running for long time. What happens to all CDRs that were supposed to be generated during that time when script was not running? Only single CDR for latest period will be generated. This is done intentionally to prevent high amount of CDR Export tasks to run at a time.

For example, if '''Monthly''' CDR Export tasks was created on January but for some reason CDR Export script was not executed until November, then CDR Export for January-September will be skipped. Script will generate CDR Export for October and sets '''Next run at''' to December.

This logic does not apply to '''Only once''' period. All tasks with '''Only once''' period will be executed.

==See also==

[[CDR_Export_Templates|CDR Export Templates]] 
[[Email_variables#CDR_Export|Emails Templates variables]]

MOR API v2 user assign provider

2026-06-02T13:29:55Z

Admin: Created page with "Assign or unassign an unassigned provider trunk to a simple user so the provider can place calls using that user's balance — the same workflow as Configure Provider which can make calls in the GUI. == GUI equivalent == '''Who may use the API:''' Admin, Accountant (with the rights below), or Reseller when provider management is allowed for that reseller. Simple users cannot assign providers...."

Assign or unassign an unassigned [[Providers|provider]] trunk to a simple [[Users|user]] so the provider can place calls using that user's balance — the same workflow as [[Configure Provider which can make calls|Configure Provider which can make calls]] in the GUI.

 
== GUI equivalent ==

'''Who may use the API:''' Admin, Accountant (with the rights below), or Reseller when provider management is allowed for that reseller. Simple users cannot assign providers.

'''Menu path (admin / accountant):''' '''SETTINGS → Users → Users''' — open the '''Devices''' link for a simple user, then use '''Assign Provider''' to pick an unassigned provider. To remove an assignment, open the [[Providers|provider]] and use '''Unassign provider''' (or the unassign action from the user's Devices view when shown).

'''Restrictions (same as GUI):''' The path user must be a simple user (not a reseller or accountant). The provider must be unassigned before being assigned. A user may have more than one provider assigned.

 
== Authentication ==

[[MOR API v2]] Bearer JWT — obtain a token via <code>POST /billing/api/v2/authentication/login</code> (see [[MOR API v2#Usage|Usage]] on the hub page).

 
== API permission methods ==

When the authenticated user has API restrictions enabled, the user's API permission group must grant:

{| class="wikitable"
|-
! API method key !! Permission (Write) !! Used for
|-
| <code>v2_users_assign_provider</code> || Assign Provider to User || <code>POST …/assign_provider</code>
|-
| <code>v2_users_unassign_provider</code> || Unassign Provider from User || <code>DELETE …/assign_provider</code>
|}

See [[How to block access to some API functions]] for restricting API methods per user.

 
== Accountant GUI rights ==

In addition to the API methods above, an accountant needs write access on all of:

* <code>acc_device_manage</code> (Devices)
* <code>manage_provider</code> (Providers)
* <code>user_manage</code> (Users)

See [[Accountant permissions]] for how accountant groups are configured.

 
== Reseller ==

Allowed only when the reseller is permitted to manage providers (same rule as legacy provider API write access). The target user must belong to that reseller.

 
== Assign provider ==

<code>POST /billing/api/v2/users/{id}/assign_provider</code>

'''Path'''

* <code>{id}</code> — target simple user id.

'''JSON body'''

{| class="wikitable"
|-
! Field !! Required !! Description
|-
| <code>provider_id</code> || yes* || Provider id to assign.
|-
| <code>provider_device_id</code> || no || Provider trunk device id (GUI <code>provdevice</code>). Ignored when <code>provider_id</code> is present.
|}

*One of <code>provider_id</code> or <code>provider_device_id</code> is required.

'''Success (200)'''

<pre>
{
"status": "assigned",
"user_id": 123,
"provider_id": 1,
"device_id": 456,
"warnings": []
}
</pre>

'''warnings''' may contain a localized hint when another provider under the same owner shares the same registration (login, password, IP, and port) — the same caution as the GUI '''Avoid routing problems''' message.

If the device extension configuration fails after assignment, the API returns <code>422</code> and does not mark the assignment as successful (stricter than the GUI, which may show a partial state).

 
== Unassign provider ==

<code>DELETE /billing/api/v2/users/{id}/assign_provider</code>

'''Path'''

* <code>{id}</code> — same simple user as assign.

'''Query parameters (preferred for automation)'''

{| class="wikitable"
|-
! Parameter !! Required !! Description
|-
| <code>provider_id</code> || yes* || Provider id to remove from this user.
|-
| <code>provider_device_id</code> || no || Provider trunk device id. Ignored when <code>provider_id</code> is set.
|}

*One of <code>provider_id</code> or <code>provider_device_id</code> is required.

'''Success (200)'''

<pre>
{
"status": "unassigned",
"user_id": 123,
"provider_id": 1,
"device_id": 456
}
</pre>

Unassign is blocked when the provider device still has CLIs configured (same as the GUI).

 
== Errors ==

{| class="wikitable"
|-
! HTTP !! Typical cause
|-
| <code>401</code> || Invalid or missing JWT, API disabled, missing accountant/reseller rights, or API method not permitted (<code>v2_users_assign_provider</code> / <code>v2_users_unassign_provider</code>).
|-
| <code>403</code> || Target user not under the authenticated owner (forbidden).
|-
| <code>404</code> || User or provider not found, or provider not available for assignment (already assigned / wrong owner).
|-
| <code>422</code> || Path user is not a simple user; provider already assigned; provider not assigned to this user; CLIs block unassign; assign rolled back after extension configuration failure.
|}

 
== Examples ==

'''Assign'''

<pre>
curl -s -X POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" \
-d '{"provider_id":1}' \
"https://example.com/billing/api/v2/users/123/assign_provider"
</pre>

'''Unassign'''

<pre>
curl -s -X DELETE -H "Authorization: Bearer $TOKEN" \
"https://example.com/billing/api/v2/users/123/assign_provider?provider_id=1"
</pre>

 
= See also =

* [[MOR API v2]] — authentication and OpenAPI (<code>/billing/api/v2/api-docs/</code>)
* [[Configure Provider which can make calls]] — product workflow and balance behaviour
* [[Providers]] — creating and editing providers
* [[Users]] — simple users and devices
* [[Accountant permissions]] — accountant group rights
* [[How to block access to some API functions]] — per-user API method groups

MOR API v2

2026-06-02T13:28:50Z

Admin: /* APIs */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User
 

=Usage=

Open GUI using MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) to the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token to '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.
 

==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.
 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 
== Users ==

* '''[[MOR API v2 user_assign_provider|user_assign_provider]]''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR API v2

2026-06-02T13:27:27Z

Admin: /* APIs */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User
 

=Usage=

Open GUI using MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) to the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token to '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.
 

==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.
 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 
== Users ==

* '''assign_provider''' — Assign or unassign an unassigned [[Providers|provider]] to a simple [[Users|user]].

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR API v2 ring groups

2026-06-02T11:42:24Z

Admin: Created page with "== Ring Groups == List ring groups with member device extensions and caller IDs (MOR API v2). === Authentication === Bearer JWT — same as other MOR API v2 endpoints. Obtain a token via <code>POST /api/v2/authentication/login</code>. === Endpoint === <code>GET /api/v2/ring_groups</code> === Authorization === * Admin — allowed when PBX addon is active. * Accountant — requires <code>manage_ring_groups</code> (read) and API method <code>v2_ring_groups_index<..."

== Ring Groups ==

List ring groups with member device extensions and caller IDs (MOR API v2).

=== Authentication ===

Bearer JWT — same as other [[MOR API v2]] endpoints. Obtain a token via <code>POST /api/v2/authentication/login</code>.

=== Endpoint ===

<code>GET /api/v2/ring_groups</code>

=== Authorization ===

* Admin — allowed when PBX addon is active.
* Accountant — requires <code>manage_ring_groups</code> (read) and API method <code>v2_ring_groups_index</code> granted on the user's API permission group when API restrictions apply.
* User / Reseller — not supported.

=== Query parameters ===

{| class="wikitable"
|-
! Parameter !! Description
|-
| <code>search_name</code> || Filter by ring group name (LIKE on dialplan name).
|-
| <code>search_extension</code> || Filter by ring group local extension (LIKE on dialplan extension).
|-
| <code>from</code> || 1-based offset for pagination.
|-
| <code>max_results</code> || Page size. When omitted, all matching rows are returned.
|}

=== Response (200) ===

<pre>
{
"ring_groups": [
{
"id": 1,
"name": "RGname",
"extension": "100",
"comment": "",
"timeout": 60,
"strategy": "ringall",
"cid_prefix": "",
"pbx_pool_id": 1,
"inbound_dids": ["+37060011244"],
"members": [
{
"device_id": 3,
"priority": 0,
"device_type": "SIP",
"device_name": "101",
"extension": "101",
"callerid": "+37060000101"
}
]
}
],
"meta": { "from": 1, "max_results": 500, "returned": 1 }
}
</pre>

=== Errors ===

* <code>401</code> — missing/invalid token, insufficient GUI rights, or API method not permitted.
* <code>403</code> — PBX addon inactive (<code>You are not authorized to view this page</code>).

=== Notes ===

* Use this endpoint to export ring group names and member numbers. <code>GET /api/v2/dids</code> only shows inbound DIDs routed to a ring group dialplan, not member devices.
* Member <code>extension</code> and <code>callerid</code> come from the device record. Additional numbers stored only as device CLIs are not included in v1.
* Clients may build a flat phone list per group from non-empty <code>members[].extension</code> and <code>members[].callerid</code>.

= See also =

* [[MOR API v2]]
* [[MOR API v2 DIDs]]

MOR API v2

2026-06-02T11:39:52Z

Admin: /* APIs */

=About=
MOR API lets other software interact with MOR without knowing the internal structure of the database (DB) and other logic.
 

=MOR users that are allowed to use the MOR API=
* Admin
* Reseller
* Accountant
* Simple User
 

=Usage=

Open GUI using MOR IP/domain http://IP_or_Domain/billing/api/v2/api-docs/.

Press on '''Authorize''' and enter User credentials (Admin, Manager, Reseller, or User) to the '''basicAuth''' field and press '''Authorize'''.

[[File:MOR_api_v2_basicAuth.png]]

[[File:MOR_api_v2_basicAuth_login.png]]

Copy the token and use it for JWT authentication.

[[File:MOR_api_v2_user_auth.png]]

[[File:MOR_api_v2_user_auth_execute.png]]

[[File:MOR_api_v2_user_auth_token.png]]

Enter the token to '''bearerAuthorization''' authorization field and press '''Authorize'''.

[[File:MOR_api_v2_bearerAuthorization.png]]

You can now use the available APIs. Expand them to see the documentation.
 

=APIs=

==Active Calls==
* [[MOR_API_drop_active_calls|drop_active_calls]] - drop active calls.
 

==Calls==
* [[MOR_API_v2_Calls|retrieve_calls]] - retrieves the list of calls in the selected time period for the specified User/Device.
 

== DIDs ==
* [[MOR API v2 DIDs|dids]] — list DIDs visible to the authenticated admin or accountant (JSON).
 

==Flash Calls==
* [[MOR API flash calls|flash_calls]] - initiate a Flash Call.

 
== Ring Groups ==
* [[MOR API v2 ring_groups|ring_groups]] - List ring groups with member device extensions and caller IDs.

 

==Security==

* [[MOR API IP access|ip_access]] - Read-only check whether an IPv4 address appears in MOR Monitorings block/whitelist lists.

 
==AI Transcriptions==
* [[MOR API Transcriptions AI|AI Transcriptions]] - recording voice-to-text.

MOR API v2 DIDs

2026-06-02T10:18:09Z

Admin: /* Returns */

List DIDs via [[MOR API v2]].

 
== Documentation ==

Full MOR REST API documentation is available at <code>/billing/api/v2/api-docs/</code>.

 
== Description ==

The DIDs API retrieves the list of DIDs visible to the authenticated '''admin''' or '''accountant''' user. Responses are JSON. The same data scope and VoiceAI integration fields as legacy [[MOR API dids get|dids_get]] apply. Authentication follows [[MOR API v2#Usage|Usage]] on the parent page (JWT via Basic login).

Only '''admin''' and '''accountant''' users may call this endpoint. '''Reseller''' and '''simple user''' accounts receive HTTP 401.

 
== API ==

'''Endpoint:''' <code>GET /billing/api/v2/dids</code>

Query parameters (all optional):

* '''search_did_number''' — filter by DID number (SQL LIKE partial match)
* '''search_status''' — lifecycle filter: '''free''', '''reserved''', '''active''', '''closed''', '''terminated''' (lowercase; see '''did_status''' in the response)
* '''search_hide_terminated_dids''' — '''1''' hide terminated DIDs, '''0''' show
* '''from''' — '''1-based''' index of the first record to return (pagination; same as legacy '''dids_get''')
* '''max_results''' — page size. When omitted, the server returns all matching rows (legacy parity). Integrators with large inventories should paginate (for example '''max_results=500''').

 
=== Authentication ===

The DIDs API requires the same authentication as other [[MOR API v2]] endpoints: Basic authentication to obtain a JWT, then a Bearer token on each request. See [[MOR API v2#Usage|Usage]] on the parent page.

'''Basic authentication (login)''' 
<code>POST /billing/api/v2/authentication/login</code> with HTTP Authorization header <code>Basic base64(username:password)</code>. Use the user's '''GUI password''' (the same password as for the MOR web interface), not the global API Secret Key.

Example:

<pre>
POST http://<SERVER_IP>/billing/api/v2/authentication/login HTTP/1.1
Authorization: Basic <base64(accountant:password)>
</pre>

'''JWT authentication (list DIDs)''' 
Pass the <code>access_token</code> from login in the Authorization header. The access token is valid for 15 minutes; use <code>/billing/api/v2/authentication/refresh</code> before expiry.

Example:

<pre>
GET http://<SERVER_IP>/billing/api/v2/dids?search_status=free&from=1&max_results=500
Authorization: Bearer <access_token>
</pre>

 
=== Authorization and visibility ===

* '''Accountant''' users need '''Manage DIDs''' read permission on their accountant permission group; otherwise the API returns HTTP 401 with <code>{"errors":"Unauthorized"}</code>.
* When '''API restricted''' is enabled on the user and an API permission group is assigned, the logical method '''dids_get''' must be allowed in that group (for example the '''VoiceAI DIDs Reader''' preset); otherwise the response is HTTP 401 with <code>{"errors":"API method not permitted: dids_get"}</code>.
* '''Admin''' and '''accountant''' (with Manage DIDs) see system-wide DIDs. '''Reseller''' and '''simple user''' are not permitted on this v2 endpoint.
* Fields such as '''provider''' and '''dial_plan''' are included for admin and accountant responses only.

 
=== Integration user setup ===

Typical read-only DID inventory integration (for example, VoiceAI sync):

# SETTINGS → Setup → '''Accountant Permissions''' — grant '''Manage DIDs''' read on the integration accountant's group.
# SETTINGS → Setup → '''API Permission Groups''' — create or use a group that allows '''dids_get''' read (preset: '''VoiceAI DIDs Reader''').
# SETTINGS → Users — create or edit an '''accountant''' user; enable '''API restricted''' and assign the API permission group.
# Enable API globally (SETTINGS → Setup → Settings → '''API''' tab).
# Authenticate with that accountant's username and '''GUI password''' via <code>/billing/api/v2/authentication/login</code>; call <code>GET /billing/api/v2/dids</code> with the returned Bearer token.

 
=== Returns ===

'''Success (HTTP 200)'''

<pre>
{
"dids": [
{
"id": 6501,
"did": "37066105718",
"did_number": "37066105718",
"status": "Active",
"did_status": "active",
"ai_agent_compatible": true,
"routes_to_openai_project_id": "proj_xxx",
"updated_at": "2026-05-27T07:35:57Z",
"owner": "User Resellers",
"device": "IAX2/105",
"provider": "Test Provider",
"dial_plan": "testDialPlan (authbypin)",
"did_status": "closed",
"device_id": 2,
"user_id": 2,
"reserved_for_user_till": "2026-06-09T12:00:00Z"
}
],
"meta": {
"from": 1,
"max_results": 500,
"returned": 42
}
}
</pre>

'''DID object fields'''

* '''id''' — DID record ID in the MOR database
* '''did''' / '''did_number''' — same DID number string (both returned for compatibility)
* '''status''' — capitalized GUI label (for example '''Active''')
* '''did_status''' — lowercase lifecycle value from the database (for example '''free''', '''active''', '''reserved''') — use for machine parsing
* '''ai_agent_compatible''' — '''true''' or '''false''' when the VoiceAI column exists on the server; omitted when the column is absent
* '''routes_to_openai_project_id''' — VoiceAI routing target (may be empty)
* '''updated_at''' — last change in RFC3339 UTC with '''Z''' suffix (for example '''2026-05-27T07:35:57Z'''); omitted when not set. See [[MOR API#Useful to know|Useful to know]] (API values are not reformatted by GUI date settings).
* '''device_id''' — integer; omitted when not assigned (no positive device ID).
* '''user_id''' — integer; omitted when not assigned (no positive user ID).
* '''reserved_for_user_till''' — RFC3339 UTC with '''Z''' when '''did_status''' is '''closed''' and a reservation end time is set; omitted otherwise (same semantics as legacy [[MOR API dids get|dids_get]] XML).
* '''owner''' — user display name
* '''device''' — assigned device label
* '''provider''' — provider name (admin/accountant only)
* '''dial_plan''' — dial plan name and type (admin/accountant only)

'''meta object'''

* '''from''' — 1-based offset used for this page
* '''max_results''' — page size requested (<code>null</code> when omitted in the request)
* '''returned''' — number of DID objects in this response

'''Empty result (HTTP 200)'''

<pre>
{
"dids": [],
"meta": {
"from": 1,
"max_results": null,
"returned": 0
}
}
</pre>

 

=== Errors ===

Errors are JSON and HTTP 401 unless noted. The DIDs endpoint uses an '''errors''' string; the login endpoint uses '''error'''.

{| class="wikitable"
|-
! Condition !! HTTP !! Example body
|-
| Invalid or missing JWT || 401 || <code>{"errors":"Invalid token value"}</code>
|-
| API disabled globally || 401 || <code>{"errors":"API Requests are disabled"}</code>
|-
| Wrong login password || 401 || <code>{"error":"unauthorized"}</code> (login endpoint)
|-
| User type not allowed (reseller, simple user) || 401 || <code>{"errors":"Unauthorized"}</code>
|-
| Accountant without Manage DIDs read || 401 || <code>{"errors":"Unauthorized"}</code>
|-
| API restricted — '''dids_get''' not permitted || 401 || <code>{"errors":"API method not permitted: dids_get"}</code>
|}

 
== Additional notes ==

* Legacy XML listing remains available via [[MOR API dids get|dids_get]] (API Secret Key + hash). Prefer this v2 endpoint for new integrations.
* More request/response examples are in <code>/billing/api/v2/api-docs/</code> under the '''DIDs''' tag.

 
== See also ==

* [[MOR API v2]]
* [[MOR API dids get]] — legacy XML DID listing

MOR API v2 DIDs

2026-06-02T10:17:47Z

Admin: /* Returns */

List DIDs via [[MOR API v2]].

 
== Documentation ==

Full MOR REST API documentation is available at <code>/billing/api/v2/api-docs/</code>.

 
== Description ==

The DIDs API retrieves the list of DIDs visible to the authenticated '''admin''' or '''accountant''' user. Responses are JSON. The same data scope and VoiceAI integration fields as legacy [[MOR API dids get|dids_get]] apply. Authentication follows [[MOR API v2#Usage|Usage]] on the parent page (JWT via Basic login).

Only '''admin''' and '''accountant''' users may call this endpoint. '''Reseller''' and '''simple user''' accounts receive HTTP 401.

 
== API ==

'''Endpoint:''' <code>GET /billing/api/v2/dids</code>

Query parameters (all optional):

* '''search_did_number''' — filter by DID number (SQL LIKE partial match)
* '''search_status''' — lifecycle filter: '''free''', '''reserved''', '''active''', '''closed''', '''terminated''' (lowercase; see '''did_status''' in the response)
* '''search_hide_terminated_dids''' — '''1''' hide terminated DIDs, '''0''' show
* '''from''' — '''1-based''' index of the first record to return (pagination; same as legacy '''dids_get''')
* '''max_results''' — page size. When omitted, the server returns all matching rows (legacy parity). Integrators with large inventories should paginate (for example '''max_results=500''').

 
=== Authentication ===

The DIDs API requires the same authentication as other [[MOR API v2]] endpoints: Basic authentication to obtain a JWT, then a Bearer token on each request. See [[MOR API v2#Usage|Usage]] on the parent page.

'''Basic authentication (login)''' 
<code>POST /billing/api/v2/authentication/login</code> with HTTP Authorization header <code>Basic base64(username:password)</code>. Use the user's '''GUI password''' (the same password as for the MOR web interface), not the global API Secret Key.

Example:

<pre>
POST http://<SERVER_IP>/billing/api/v2/authentication/login HTTP/1.1
Authorization: Basic <base64(accountant:password)>
</pre>

'''JWT authentication (list DIDs)''' 
Pass the <code>access_token</code> from login in the Authorization header. The access token is valid for 15 minutes; use <code>/billing/api/v2/authentication/refresh</code> before expiry.

Example:

<pre>
GET http://<SERVER_IP>/billing/api/v2/dids?search_status=free&from=1&max_results=500
Authorization: Bearer <access_token>
</pre>

 
=== Authorization and visibility ===

* '''Accountant''' users need '''Manage DIDs''' read permission on their accountant permission group; otherwise the API returns HTTP 401 with <code>{"errors":"Unauthorized"}</code>.
* When '''API restricted''' is enabled on the user and an API permission group is assigned, the logical method '''dids_get''' must be allowed in that group (for example the '''VoiceAI DIDs Reader''' preset); otherwise the response is HTTP 401 with <code>{"errors":"API method not permitted: dids_get"}</code>.
* '''Admin''' and '''accountant''' (with Manage DIDs) see system-wide DIDs. '''Reseller''' and '''simple user''' are not permitted on this v2 endpoint.
* Fields such as '''provider''' and '''dial_plan''' are included for admin and accountant responses only.

 
=== Integration user setup ===

Typical read-only DID inventory integration (for example, VoiceAI sync):

# SETTINGS → Setup → '''Accountant Permissions''' — grant '''Manage DIDs''' read on the integration accountant's group.
# SETTINGS → Setup → '''API Permission Groups''' — create or use a group that allows '''dids_get''' read (preset: '''VoiceAI DIDs Reader''').
# SETTINGS → Users — create or edit an '''accountant''' user; enable '''API restricted''' and assign the API permission group.
# Enable API globally (SETTINGS → Setup → Settings → '''API''' tab).
# Authenticate with that accountant's username and '''GUI password''' via <code>/billing/api/v2/authentication/login</code>; call <code>GET /billing/api/v2/dids</code> with the returned Bearer token.

 
=== Returns ===

'''Success (HTTP 200)'''

<pre>
{
"dids": [
{
"id": 6501,
"did": "37066105718",
"did_number": "37066105718",
"status": "Active",
"did_status": "active",
"ai_agent_compatible": true,
"routes_to_openai_project_id": "proj_xxx",
"updated_at": "2026-05-27T07:35:57Z",
"owner": "User Resellers",
"device": "IAX2/105",
"provider": "Test Provider",
"dial_plan": "testDialPlan (authbypin)"
}
],
"meta": {
"from": 1,
"max_results": 500,
"returned": 42
}
}
</pre>

'''DID object fields'''

* '''id''' — DID record ID in the MOR database
* '''did''' / '''did_number''' — same DID number string (both returned for compatibility)
* '''status''' — capitalized GUI label (for example '''Active''')
* '''did_status''' — lowercase lifecycle value from the database (for example '''free''', '''active''', '''reserved''') — use for machine parsing
* '''ai_agent_compatible''' — '''true''' or '''false''' when the VoiceAI column exists on the server; omitted when the column is absent
* '''routes_to_openai_project_id''' — VoiceAI routing target (may be empty)
* '''updated_at''' — last change in RFC3339 UTC with '''Z''' suffix (for example '''2026-05-27T07:35:57Z'''); omitted when not set. See [[MOR API#Useful to know|Useful to know]] (API values are not reformatted by GUI date settings).
* '''device_id''' — integer; omitted when not assigned (no positive device ID).
* '''user_id''' — integer; omitted when not assigned (no positive user ID).
* '''reserved_for_user_till''' — RFC3339 UTC with '''Z''' when '''did_status''' is '''closed''' and a reservation end time is set; omitted otherwise (same semantics as legacy [[MOR API dids get|dids_get]] XML).
* '''owner''' — user display name
* '''device''' — assigned device label
* '''provider''' — provider name (admin/accountant only)
* '''dial_plan''' — dial plan name and type (admin/accountant only)

'''meta object'''

* '''from''' — 1-based offset used for this page
* '''max_results''' — page size requested (<code>null</code> when omitted in the request)
* '''returned''' — number of DID objects in this response

'''Empty result (HTTP 200)'''

<pre>
{
"dids": [],
"meta": {
"from": 1,
"max_results": null,
"returned": 0
}
}
</pre>

 

=== Errors ===

Errors are JSON and HTTP 401 unless noted. The DIDs endpoint uses an '''errors''' string; the login endpoint uses '''error'''.

{| class="wikitable"
|-
! Condition !! HTTP !! Example body
|-
| Invalid or missing JWT || 401 || <code>{"errors":"Invalid token value"}</code>
|-
| API disabled globally || 401 || <code>{"errors":"API Requests are disabled"}</code>
|-
| Wrong login password || 401 || <code>{"error":"unauthorized"}</code> (login endpoint)
|-
| User type not allowed (reseller, simple user) || 401 || <code>{"errors":"Unauthorized"}</code>
|-
| Accountant without Manage DIDs read || 401 || <code>{"errors":"Unauthorized"}</code>
|-
| API restricted — '''dids_get''' not permitted || 401 || <code>{"errors":"API method not permitted: dids_get"}</code>
|}

 
== Additional notes ==

* Legacy XML listing remains available via [[MOR API dids get|dids_get]] (API Secret Key + hash). Prefer this v2 endpoint for new integrations.
* More request/response examples are in <code>/billing/api/v2/api-docs/</code> under the '''DIDs''' tag.

 
== See also ==

* [[MOR API v2]]
* [[MOR API dids get]] — legacy XML DID listing

MOR API dids get

2026-06-02T10:17:10Z

Admin: /* Returns */

''List DIDs via the [[MOR API]].''

 
=Description=

[[MOR API]] DIDs get — list DIDs matching search filters. Returns XML (or HTML when '''test=1''').

 
=Usage=

* '''Call (recommended):''' POST to <code>/billing/api/</code> with <code>action=dids_get</code> (same as other [[MOR API]] methods).
* '''Alternate URL:''' <code>/billing/api/dids_get</code> — may work depending on server routing; prefer the main API endpoint above.
* '''Methods:''' POST (recommended), GET (if allowed in MOR Settings — not recommended).

 
===Parametres===

'''Required on every call'''

* '''[[MOR API hash construction | hash]]''' — SHA1 hash constructed using '''API_Secret_Key''' ([[MOR API hash construction | more in Constructing hash]]). '''Required'''.
* '''u''' — username for authentication. '''Required'''.

'''Search and pagination (not included in the hash)'''

The following parameters are '''not''' concatenated into the hash string. For a typical request with only '''u''' and search filters, the hash is built from the API Secret Key alone (no search parameter values are added). See [[MOR API hash construction | Constructing hash]] for hash-listed parameters on other actions.

* '''search_did_number''' — DID number (partial match)
* '''search_status''' — lifecycle filter: '''free''', '''reserved''', '''active''', '''closed''', '''terminated''' (lowercase in the request; see '''did_status''' in the response)
* '''search_did_owner''' — owner display name (admin / accountant)
* '''search_dialplan''' — dialplan id
* '''search_user''' — user id
* '''search_device''' — device id
* '''search_provider''' — provider id (admin / accountant, or reseller with own providers)
* '''search_language''' — language configured on the DID; use '''all''' to disable this filter (default when omitted)
* '''search_hide_terminated_dids''' — '''1''' hide terminated DIDs, '''0''' show
* '''from''' — '''1-based''' index of the first record to return (pagination)
* '''max_results''' — maximum number of records to return

'''Optional test flag'''

* '''test''' — '''1''' renders the response in the browser for debugging (same as other API methods)

 
===Authorization and visibility===

* The caller is identified by '''u=''' only; the hash does not bind a different user identity.
* '''Accountant''' users need '''Manage DIDs''' read permission on their accountant group; otherwise the API returns '''You are not authorized to manage DIDs'''.
* When '''API restricted''' is enabled on the user (user edit form) and an API permission group is assigned, '''dids_get''' must be allowed in that group; otherwise the response is '''API method not permitted: dids_get'''.
* '''Admin''' and '''accountant''' (with Manage DIDs) see system-wide DIDs; '''reseller''' sees reseller-scoped rows; '''user''' sees only their own DIDs.
* Fields such as '''provider''', '''dial_plan''', and '''tone_zone''' may be omitted for '''user''' and/or '''reseller''' responses — do not assume every element in the admin example below is present for all roles.

 
===Request===

Example: <code>search_status=free</code>, API Secret Key = <code>secret</code>, hash computed per [[MOR API hash construction | Constructing hash]] (search parameters are '''not''' part of the hash).

We send (recommended):

<pre>
POST http://<SERVER_IP>/billing/api/?u=admin&action=dids_get&search_status=free&hash=6e79d4a82f68102f43be11d873177f47817f84df
</pre>

With the same parameters, the matching free DIDs appear in the GUI DIDs list.

 
===Returns===

'''Success'''

<pre>
<?xml version="1.0" encoding="UTF-8"?>
<page>
<dids>
<did>
<did>37066xxxxxx</did>
<did_number>37066xxxxxx</did_number>
<provider>Test Provider</provider>
<language>language</language>
<status>Active</status>
<did_status>active</did_status>
<ai_agent_compatible>true</ai_agent_compatible>
<routes_to_openai_project_id></routes_to_openai_project_id>
<updated_at>2026-05-27T07:35:57Z</updated_at>
<reseller>Test Reseller</reseller>
<owner>User Resellers</owner>
<device>IAX2/105</device>
<dial_plan></dial_plan>
<simultaneous_call_limit>Unlimited</simultaneous_call_limit>
<tone_zone>it</tone_zone>
<id>6501</id>
<did_status>closed</did_status>
<device_id>2</device_id>
<user_id>2</user_id>
<reserved_for_user_till>2026-06-09T12:00:00Z</reserved_for_user_till>
</did>
<did>
<did>37066xxxxxx</did>
<did_number>37066xxxxxx</did_number>
<provider>Test Provider</provider>
<language></language>
<status>Active</status>
<did_status>active</did_status>
<reseller>Test Reseller</reseller>
<device></device>
<dial_plan>testDialPlan (authbypin)</dial_plan>
<simultaneous_call_limit>Unlimited</simultaneous_call_limit>
<tone_zone></tone_zone>
<id>6502</id>
<did_status>closed</did_status>
<device_id>2</device_id>
<user_id>2</user_id>
<reserved_for_user_till>2026-06-09T12:00:00Z</reserved_for_user_till>
</did>
</dids>
</page>
</pre>

'''Integration elements (inside each <did>)'''

* '''did_number''' — same value as '''did''' (returned for compatibility)
* '''did_status''' — lowercase lifecycle from the database (e.g. '''free''', '''active''', '''reserved''') — use for machine parsing
* '''status''' — capitalized label for the GUI (e.g. '''Active''') — same row, human-oriented display
* '''ai_agent_compatible''' — '''true''' or '''false''' when the column exists; omitted when the column is not on the server
* '''routes_to_openai_project_id''' — VoiceAI routing target (may be empty)
* '''updated_at''' — last change in '''RFC3339 UTC''' with '''Z''' suffix (e.g. '''2026-05-27T07:35:57Z'''); omitted when not set. Fixed wire format for integrators — not the phpMyAdmin '''YYYY-MM-DD HH:MM:SS''' display string. See [[MOR API#Useful to know|Useful to know]] (API values are not reformatted by GUI date settings).
* '''device_id''' — numeric ID of the device the DID is assigned to; omitted when there is no device assignment (same rule as [[MOR API v2 DIDs]] JSON).
* '''user_id''' — numeric ID of the end user the DID is assigned to; omitted when there is no user assignment.
* '''reserved_for_user_till''' — when '''did_status''' is '''closed''', the date and time until the DID stays reserved for the user (RFC3339 UTC with '''Z''' suffix, for example 2026-06-09T12:00:00Z); omitted for '''free''', '''active''', '''reserved''', and '''terminated''' rows. Matches the '''Reserved for user till''' line on the DID edit screen in the GUI.

Other elements ('''comment''', '''reseller''', etc.) follow the same rules as the DIDs GUI for the authenticated role.

 
'''Errors'''

* '''Incorrect hash''' — Hash was not correct. Check '''API_Secret_Key''' and parameter order while concatenating the hash string.
* '''Access Denied''' — User for '''u=''' not found, or invalid authentication.
* '''You are not authorized to manage DIDs''' — Accountant without '''Manage DIDs''' read on the accountant group.
* '''API method not permitted: dids_get''' — User has '''API restricted''' and the assigned permission group does not allow '''dids_get'''.
* '''No DIDs found''' — No DIDs matched the filters.

Example:

<pre>
<?xml version="1.0" encoding="UTF-8"?>
<page>
<error>Error message</error>
</page>
</pre>

 

=See also=

* [[MOR API]]
* [[MOR API v2 DIDs]] — JSON DID listing: '''GET /billing/api/v2/dids'''

MOR API dids get

2026-06-02T10:15:59Z

Admin: /* Returns */

''List DIDs via the [[MOR API]].''

 
=Description=

[[MOR API]] DIDs get — list DIDs matching search filters. Returns XML (or HTML when '''test=1''').

 
=Usage=

* '''Call (recommended):''' POST to <code>/billing/api/</code> with <code>action=dids_get</code> (same as other [[MOR API]] methods).
* '''Alternate URL:''' <code>/billing/api/dids_get</code> — may work depending on server routing; prefer the main API endpoint above.
* '''Methods:''' POST (recommended), GET (if allowed in MOR Settings — not recommended).

 
===Parametres===

'''Required on every call'''

* '''[[MOR API hash construction | hash]]''' — SHA1 hash constructed using '''API_Secret_Key''' ([[MOR API hash construction | more in Constructing hash]]). '''Required'''.
* '''u''' — username for authentication. '''Required'''.

'''Search and pagination (not included in the hash)'''

The following parameters are '''not''' concatenated into the hash string. For a typical request with only '''u''' and search filters, the hash is built from the API Secret Key alone (no search parameter values are added). See [[MOR API hash construction | Constructing hash]] for hash-listed parameters on other actions.

* '''search_did_number''' — DID number (partial match)
* '''search_status''' — lifecycle filter: '''free''', '''reserved''', '''active''', '''closed''', '''terminated''' (lowercase in the request; see '''did_status''' in the response)
* '''search_did_owner''' — owner display name (admin / accountant)
* '''search_dialplan''' — dialplan id
* '''search_user''' — user id
* '''search_device''' — device id
* '''search_provider''' — provider id (admin / accountant, or reseller with own providers)
* '''search_language''' — language configured on the DID; use '''all''' to disable this filter (default when omitted)
* '''search_hide_terminated_dids''' — '''1''' hide terminated DIDs, '''0''' show
* '''from''' — '''1-based''' index of the first record to return (pagination)
* '''max_results''' — maximum number of records to return

'''Optional test flag'''

* '''test''' — '''1''' renders the response in the browser for debugging (same as other API methods)

 
===Authorization and visibility===

* The caller is identified by '''u=''' only; the hash does not bind a different user identity.
* '''Accountant''' users need '''Manage DIDs''' read permission on their accountant group; otherwise the API returns '''You are not authorized to manage DIDs'''.
* When '''API restricted''' is enabled on the user (user edit form) and an API permission group is assigned, '''dids_get''' must be allowed in that group; otherwise the response is '''API method not permitted: dids_get'''.
* '''Admin''' and '''accountant''' (with Manage DIDs) see system-wide DIDs; '''reseller''' sees reseller-scoped rows; '''user''' sees only their own DIDs.
* Fields such as '''provider''', '''dial_plan''', and '''tone_zone''' may be omitted for '''user''' and/or '''reseller''' responses — do not assume every element in the admin example below is present for all roles.

 
===Request===

Example: <code>search_status=free</code>, API Secret Key = <code>secret</code>, hash computed per [[MOR API hash construction | Constructing hash]] (search parameters are '''not''' part of the hash).

We send (recommended):

<pre>
POST http://<SERVER_IP>/billing/api/?u=admin&action=dids_get&search_status=free&hash=6e79d4a82f68102f43be11d873177f47817f84df
</pre>

With the same parameters, the matching free DIDs appear in the GUI DIDs list.

 
===Returns===

'''Success'''

<pre>
<?xml version="1.0" encoding="UTF-8"?>
<page>
<dids>
<did>
<did>37066xxxxxx</did>
<did_number>37066xxxxxx</did_number>
<provider>Test Provider</provider>
<language>language</language>
<status>Active</status>
<did_status>active</did_status>
<ai_agent_compatible>true</ai_agent_compatible>
<routes_to_openai_project_id></routes_to_openai_project_id>
<updated_at>2026-05-27T07:35:57Z</updated_at>
<reseller>Test Reseller</reseller>
<owner>User Resellers</owner>
<device>IAX2/105</device>
<dial_plan></dial_plan>
<simultaneous_call_limit>Unlimited</simultaneous_call_limit>
<tone_zone>it</tone_zone>
<id>6501</id>
</did>
<did>
<did>37066xxxxxx</did>
<did_number>37066xxxxxx</did_number>
<provider>Test Provider</provider>
<language></language>
<status>Active</status>
<did_status>active</did_status>
<reseller>Test Reseller</reseller>
<device></device>
<dial_plan>testDialPlan (authbypin)</dial_plan>
<simultaneous_call_limit>Unlimited</simultaneous_call_limit>
<tone_zone></tone_zone>
<id>6502</id>
</did>
</dids>
</page>
</pre>

'''Integration elements (inside each <did>)'''

* '''did_number''' — same value as '''did''' (returned for compatibility)
* '''did_status''' — lowercase lifecycle from the database (e.g. '''free''', '''active''', '''reserved''') — use for machine parsing
* '''status''' — capitalized label for the GUI (e.g. '''Active''') — same row, human-oriented display
* '''ai_agent_compatible''' — '''true''' or '''false''' when the column exists; omitted when the column is not on the server
* '''routes_to_openai_project_id''' — VoiceAI routing target (may be empty)
* '''updated_at''' — last change in '''RFC3339 UTC''' with '''Z''' suffix (e.g. '''2026-05-27T07:35:57Z'''); omitted when not set. Fixed wire format for integrators — not the phpMyAdmin '''YYYY-MM-DD HH:MM:SS''' display string. See [[MOR API#Useful to know|Useful to know]] (API values are not reformatted by GUI date settings).
* '''device_id''' — numeric ID of the device the DID is assigned to; omitted when there is no device assignment (same rule as [[MOR API v2 DIDs]] JSON).
* '''user_id''' — numeric ID of the end user the DID is assigned to; omitted when there is no user assignment.
* '''reserved_for_user_till''' — when '''did_status''' is '''closed''', the date and time until the DID stays reserved for the user (RFC3339 UTC with '''Z''' suffix, for example 2026-06-09T12:00:00Z); omitted for '''free''', '''active''', '''reserved''', and '''terminated''' rows. Matches the '''Reserved for user till''' line on the DID edit screen in the GUI.

Other elements ('''comment''', '''reseller''', etc.) follow the same rules as the DIDs GUI for the authenticated role.

 
'''Errors'''

* '''Incorrect hash''' — Hash was not correct. Check '''API_Secret_Key''' and parameter order while concatenating the hash string.
* '''Access Denied''' — User for '''u=''' not found, or invalid authentication.
* '''You are not authorized to manage DIDs''' — Accountant without '''Manage DIDs''' read on the accountant group.
* '''API method not permitted: dids_get''' — User has '''API restricted''' and the assigned permission group does not allow '''dids_get'''.
* '''No DIDs found''' — No DIDs matched the filters.

Example:

<pre>
<?xml version="1.0" encoding="UTF-8"?>
<page>
<error>Error message</error>
</page>
</pre>

 

=See also=

* [[MOR API]]
* [[MOR API v2 DIDs]] — JSON DID listing: '''GET /billing/api/v2/dids'''

Wholesale Tariff

2026-06-02T08:22:52Z

Admin:

=What is a Wholesale Tariff?=

This tariff is a price list which you get from your provider, later you can transform this tariff into retail or user wholesale tariffs. Without a transformation this tariff cannot be assigned to user.
 
= Min Time =

Min(imal) Time is the minimum time that will be billed if a call is answered.

For example:

* Min Time = 10s
* If the actual length of a call is <= 10s, billsec = 10.
* If the actual length of a call is > 10s, then billsec = actual call length.

{| border="1" cellpadding="5" cellspacing="0"
| '''Actual call length''' || '''Call time which will be billed'''
|-
| 1 || 10
|-
| 2 || 10
|-
| ... || 10
|-
| 9 || 10
|-
| 10 || 10
|-
| 11 || 11
|-
| 12 || 12
|-
| ... || ...
|-
|}

 
= Increment =

An Increment is the amount of time in which a call is billed. It is counted in seconds.

For example, assume that:

* A particular call lasts for 15 seconds.
* The rate for 1 min is (for the sake of simplicity) 1 EUR/min.

Then:

* If the increment is 1, then the call length will be counted as 15s and the call price will be 0.25 EUR (1/60*15). As the increment is 1, the call can be 1, 2, 3... in length. 15s is the exact length of the call.
* If the increment is 10, then the call length will be counted as 20s and the call price will be 0.333 EUR (1/60*20). As the increment is 10, the call can be 10, 20, 30... in length. 20s is nearest to 15.
* If the increment is 20, then the call length will be counted as 20s and the call price will be 0.333 EUR (1/60*20). As the increment is 20, the call can be 20, 40, 60... in length. 20s is nearest to 15.

 
= Make Wholesale Tariff =

'''Make Wholesale Tariff''' builds a new wholesale tariff from an existing one: rates are copied and your amount/percent markups are applied. When the source tariff has rates with '''CLI Groups''' (CLI prefixes per destination), those prefixes are carried to the new tariff. For what CLI Groups are and how rating uses them, see [[CLI Groups - CLI Prefixes]].

'''Menu path:''' '''SETTINGS → Billing → [[Tariffs]]''' → select a tariff → '''Make Wholesale Tariff'''.

'''CLI Groups on the form''' 
Before you choose the wholesale tariff type and click '''Make Tariff''', the form shows a '''CLI Groups''' choice:

* '''Copy CLI Groups''' (default) — the new tariff gets its own CLI Group copies. Editing CLI prefixes on the new tariff does not change the source tariff.
* '''Reuse CLI Groups''' — new rates point to the same CLI Group records as the source tariff. Changing prefixes on one tariff can affect the other.

Use '''Copy''' when you mark up a supplier tariff for resale and need isolated prefix lists. Use '''Reuse''' only when you intentionally want shared CLI Groups between the source and the new tariff.

If the source tariff has no CLI Groups on its rates, this section has no effect — the new tariff is created as before.

 

= See also =
* [[MOR_Manual#Tariffs | Tariffs]]

Tariff Transformation

2026-06-02T08:19:29Z

Admin:

Wholesale tariffs can be transformed to user retail tariffs. This can be done in the main tariffs window by clicking on [[Image:application_add.png ]] '''Make user retail tariff''' or [[Image:application_add.png ]] '''Make wholesale Tariff''' (these links appear when a tariff has at least one rate):

[[Image:tarifftransformation1.png]]

Enter the values you want to add to change from a wholesale tariff to a retail tariff. Let's say X is the wholesale rate. There are three possible ways of making the change:

1. Enter value Y into the '''Add amount''' field. The retail rate will be X + Y.

2. Enter value Z into the '''Add percent''' field. The retail rate will be X + (X/100 * Z).

3. Enter value Y into the '''Add amount''' field AND Z into '''Add percent''' field. The retail rate will be (X + Y) + ((X + Y) / 100 * Z).

'''NOTE''': When performing this transformation, the largest value from the wholesale tariff is taken for the Destination group in the retail tariff (by prefix). For a more detailed explanation, check [[Make Retail Tariff from Wholesale Tariff explained | here]].

'''HINT''': This function can be used when importing a user retail tariff. First you create a fake wholesale Tariff, then import Rates into it, and finally transform to the user retail Tariff with values 0/0.

 
== Make Wholesale Tariff ==

'''Make Wholesale Tariff''' builds a new wholesale tariff from an existing one: rates are copied and your amount/percent markups are applied. When the source tariff has rates with '''CLI Groups''' (CLI prefixes per destination), those prefixes are carried to the new tariff. For what CLI Groups are and how rating uses them, see [[CLI Groups - CLI Prefixes]].

'''Menu path:''' '''SETTINGS → Billing → [[Tariffs]]''' → select a tariff → '''Make Wholesale Tariff'''.

'''CLI Groups on the form''' 
Before you choose the wholesale tariff type and click '''Make Tariff''', the form shows a '''CLI Groups''' choice:

* '''Copy CLI Groups''' (default) — the new tariff gets its own CLI Group copies. Editing CLI prefixes on the new tariff does not change the source tariff.
* '''Reuse CLI Groups''' — new rates point to the same CLI Group records as the source tariff. Changing prefixes on one tariff can affect the other.

Use '''Copy''' when you mark up a supplier tariff for resale and need isolated prefix lists. Use '''Reuse''' only when you intentionally want shared CLI Groups between the source and the new tariff.

If the source tariff has no CLI Groups on its rates, this section has no effect — the new tariff is created as before.

 
=See also=
* [[Make Retail Tariff from Wholesale Tariff explained]]

Wholesale Tariff

2026-06-02T08:18:52Z

Admin:

=What is a Wholesale Tariff?=

This tariff is a price list which you get from your provider, later you can transform this tariff into retail or user wholesale tariffs. Without a transformation this tariff cannot be assigned to user.
 
= Min Time =

Min(imal) Time is the minimum time that will be billed if a call is answered.

For example:

* Min Time = 10s
* If the actual length of a call is <= 10s, billsec = 10.
* If the actual length of a call is > 10s, then billsec = actual call length.

{| border="1" cellpadding="5" cellspacing="0"
| '''Actual call length''' || '''Call time which will be billed'''
|-
| 1 || 10
|-
| 2 || 10
|-
| ... || 10
|-
| 9 || 10
|-
| 10 || 10
|-
| 11 || 11
|-
| 12 || 12
|-
| ... || ...
|-
|}

 
= Increment =

An Increment is the amount of time in which a call is billed. It is counted in seconds.

For example, assume that:

* A particular call lasts for 15 seconds.
* The rate for 1 min is (for the sake of simplicity) 1 EUR/min.

Then:

* If the increment is 1, then the call length will be counted as 15s and the call price will be 0.25 EUR (1/60*15). As the increment is 1, the call can be 1, 2, 3... in length. 15s is the exact length of the call.
* If the increment is 10, then the call length will be counted as 20s and the call price will be 0.333 EUR (1/60*20). As the increment is 10, the call can be 10, 20, 30... in length. 20s is nearest to 15.
* If the increment is 20, then the call length will be counted as 20s and the call price will be 0.333 EUR (1/60*20). As the increment is 20, the call can be 20, 40, 60... in length. 20s is nearest to 15.

 
== Make Wholesale Tariff ==

'''Make Wholesale Tariff''' builds a new wholesale tariff from an existing one: rates are copied and your amount/percent markups are applied. When the source tariff has rates with '''CLI Groups''' (CLI prefixes per destination), those prefixes are carried to the new tariff. For what CLI Groups are and how rating uses them, see [[CLI Groups - CLI Prefixes]].

'''Menu path:''' '''SETTINGS → Billing → [[Tariffs]]''' → select a tariff → '''Make Wholesale Tariff'''.

'''CLI Groups on the form''' 
Before you choose the wholesale tariff type and click '''Make Tariff''', the form shows a '''CLI Groups''' choice:

* '''Copy CLI Groups''' (default) — the new tariff gets its own CLI Group copies. Editing CLI prefixes on the new tariff does not change the source tariff.
* '''Reuse CLI Groups''' — new rates point to the same CLI Group records as the source tariff. Changing prefixes on one tariff can affect the other.

Use '''Copy''' when you mark up a supplier tariff for resale and need isolated prefix lists. Use '''Reuse''' only when you intentionally want shared CLI Groups between the source and the new tariff.

If the source tariff has no CLI Groups on its rates, this section has no effect — the new tariff is created as before.

 

= See also =
* [[MOR_Manual#Tariffs | Tariffs]]