I have a social network that written in Microsoft tech stack and when users register on that I create an ejabberd user using rest API until now everything works perfectly.
But for chat clients authentication with ejabberd, I don't want to send Ejabberd username and password to clients. I want to send a token to clients to authenticate.
Questions: Did I chose right approach to integration? If yes, how can I clients authentication token from ejabberd? If no, in scenarios like this what is the right approach?
I would use ejabberd HTTP auth contribution module, so that you can decide how you want to check your password or token directly on the back-end.
You can get that contribution on Github: https://github.com/processone/ejabberd-contrib/tree/master/ejabberd_auth_http