CodeB adds WebRTC video, click-to-call, signed recordings, browser desk phones and voice AI to the PBX or SIP trunk you already own. Self-host on Windows/IIS or run a private hosted tenant. No analytics. No SaaS media path. No forced carrier migration.
Private browser meetings — HD video, screen share, chat and file drop. Nothing to install for participants. Mesh under 7 peers; signed local recording with consent gate.
A browser desk phone on the SIP trunk you already have — FRITZ!Box, Asterisk, FreePBX, Yeastar, anything that speaks SIP. Installable as a PWA so it lives outside the tab bar.
Real-time AI voice agents on your inbound DIDs and outbound campaigns. Pluggable AI Voice Engine — cloud or on-premise. Per-vnum personas, tool calls for transfer / hangup, signed transcripts.
A self-hosted OpenID Connect identity provider built into the same Windows + IIS server. Sign in once; use it to authenticate Nextcloud, WordPress, GitLab, Grafana — or your own apps — against your own IdP, not a third-party login.
Live OID4VP 1.0 + HAIP 1.0 verifier for the EU Digital Identity Wallet. Any spec-compliant EUDI Wallet can scan the QR at /logineu.html and sign in — SD-JWT VC, KB-JWT, JWE-encrypted response. Wallet-as-recovery for password reset is shipped.
REST v1 at /api.ashx/v1 with API-key auth, unified list envelope and camelCase fields. Signed webhooks for call lifecycle, transcripts, and share events. The full integrator surface for CRM push-back, dialler hooks and headless tenant management.
One install of CodeB on your Windows + IIS server gives you all six modules. They share user accounts, telephony settings, and the privacy posture — turn on only what you need. No per-minute SaaS markup, no hyperscaler dependency, no third-party media cloud.
Even when a cloud provider promises end-to-end voice encryption, the metadata — who called whom, when, from where, and for how long — is harvested, analysed and stored in foreign jurisdictions. Often reachable under the US CLOUD Act. Encryption of content does not cure exposure of pattern.
Enforcement in 2025 and 2026 sharply raised cybersecurity and risk-management expectations across 18 critical sectors. Running core communications via multi-tenant public clouds with external processors creates direct compliance liability for essential and important entities. The EU AI Act adds transparency obligations from August 2026 onwards.
Moving to traditional cloud communications usually means abandoning existing telecom agreements, completing a complex carrier migration, and accepting unpredictable per-minute SaaS markups. CodeB layers on top of the SIP infrastructure you already own — no carrier swap, no procurement gravity.
Self-hosted browser meetings with the same end-to-end encryption your security policy already demands. No new vendor on the processor register.
Pricing & deployment →CodeB Phone plugs into the SIP infrastructure you already run. No PBX swap, no carrier migration — a modern web client on top of what you already pay for.
How we sit on top of your PBX →One AI receptionist per DID, qualifying callers, answering FAQs, transferring on demand and emailing you a signed transcript. Outbound campaigns too.
Voice AI overview →Built-in OpenID Connect provider plugs into Nextcloud, WordPress, GitLab, Grafana and your own apps. Sign in once on infrastructure you control — not a third-party login. Reuses the same user records as Phone and Voice AI.
Identity overview →
Built and operated by Aloaha Limited, a Malta-registered company that has shipped signing, PKI and secure-communications software since 2003. CodeB itself runs in production on phone.codeb.io as the daily-driver phone and meeting platform for the team that develops it — dogfooded, not demoware.