The Signature JWT-Token is validated, so that only the Token generated by this gateway could be used (and no spaming over this Gateway is possible).
The JWT-Token contains the XMPP-Address of the Distributor, so that this Gateway does not require to store anything.
Current the JWT-Token is not encrypted like in [RFC 7516(https://tools.ietf.org/html/rfc7516) as an JWE [we are working on it](https://dev.sum7.eu/genofire/unified-push-xmpp/issues/5).
So the XMPP-Address could be readed by Application-Server, Application and Distributor (and could be leaked there - we hope you could trust them till we implement JWE)
The XMPP Component implements [XEP-0225](https://xmpp.org/extensions/xep-0225.html) it could be plugged in at every common server (like [ejabberd](https://docs.ejabberd.im/admin/configuration/listen/#ejabberd-service) or [Prosody](https://prosody.im/doc/components)) with an Secret and domain name.
And run `systemctl enable --now up-gateway.service` to startup and start at boot.
## Demo Gateway
An Demo gateway is running under Endpoint-Address [https://up.chat.sum7.eu/UP](https://up.chat.sum7.eu/UP) and under the XMPP-Address (jid of component) [xmpp:up.chat.sum7.eu](xmpp:up.chat.sum7.eu).