What server, username, and secret to enter on your softphone

Every Softphone asks the same three things: a server to reach, a username to log in as, and a secret to prove it is allowed. The labels change from app to app, but the three values always come from the same place in VICIdial. Once you know which field maps to which, any softphone registers the first time.

Server: the Server IP

The server field, sometimes labeled host, domain, registrar, or proxy, takes the Server IP of the server the phone is active on. That is the same server you picked in the Server IP menu when you created the phone entry. If a phone is set up on more than one box, use the IP of the one you actually want it to register against.

Username: the phone extension

The username, sometimes called account, user ID, or auth name, is the phone Extension. That is the device name as the server sees it, without the protocol prefix or slash. A phone the server knows as SIP/test101 has an extension of test101, so that is what you type. For SIP (Session Initiation Protocol) and IAX2 entries, the extension has no dashes in it.

Secret: the Registration Password

This is the field people get wrong. The secret, sometimes labeled password or auth password, is the Registration Password from the phone record. It is the secret written into the auto-generated config for that phone. It is not the Login Password, which only logs a user into the web agent screen. Two different passwords sit on the same record, and the device wants the Registration one.

A fresh phone entry ships with the Registration Password set to the word test. Leave that in place and anyone who guesses test can register as your phone, so change it. A good one is at least eight characters with upper and lower case letters and at least one number. The Registration Password was once called the Conf File Secret, so if a setup guide or an older screen uses that name, it is the same field.

It helps to remember why there are two passwords at all. One identity is the agent, a human who signs into the web screen with the Agent Screen Login and the Login Password. The other identity is the device, which authenticates to the server with the extension and the Registration Password. A softphone is a device, so it always uses the device pair. Keeping those two roles separate in your head is the fastest way to stop guessing which password goes where.

flowchart TD
  A[Softphone settings] --> B[Server field]
  A --> C[Username field]
  A --> D[Password field]
  B --> E[VICIdial Server IP]
  C --> F[Phone extension]
  D --> G[Registration Password]
  E --> H[Device registers]
  F --> H
  G --> H

A quick sanity check

Before you save, run through the mapping one more time:

• Server equals Server IP.
• Username equals the phone extension, no prefix, no dashes.
• Secret equals the Registration Password, never the Login Password.

If all three match the phone record and the account still will not come up, the protocol on the record may not be SIP, or you may be pointing at the wrong server. The VICIdial phones pillar guide walks the whole record, and the Registration Password explainer goes deeper on the secret itself.

Want VICIdial without managing the server behind the softphone? See VICIfast plans and have everything provisioned in under 40 seconds.