XMPP: The Definitive Guide by Peter Saint-Andre, Kevin Smith, Remko Tronçon

In computer systems, authentication is the act or process of establishing that someone or something is what they claim to be. In XMPP, authentication most often occurs when a server confirms that a connecting client has the proper credentials to establish a session on behalf of a registered account (these credentials usually take the form of a username and password, but can also be a digital certificate, a shared secret, or a temporary token). Authentication can also occur between two peer servers based on the use of digital certificates issued by a common certification authority. The original authentication method used in the XMPP community XEP-0078 has been superseded by use of the Simple Authentication and Security Layer (SASL), defined in RFC 4422.

XMPP developers often use the term “bare JID” to refer to a JabberID of the form user@domain.tld, in contrast to a “full JID” of the form user@domain.tld/resource.

BOSH (Bidrectional-stream Over Synchronous HTTP) is an alternative HTTP binding for XMPP traffic between a client and a server, which uses a paired sequence of HTTP requests and responses to mimic the bidirectional XML streams used over the standard TCP binding. BOSH is used mainly by web clients and mobile devices that cannot maintain long-lived TCP connections.

A bot is an automated entity that typically connects to a server as a client and then provides services to human users and other bots, either directly or in a chat room.