Genesys Cloud CX

Discussion Thread View
  • 1.  Azure Active Directory Questions

    Posted 11-05-2020 16:53

    I am looking for some help with the following:

    1. Is it possible to have an OAuth token last longer than 48 hours?
    2. What happens to users that have synced after the token expires? Will they be put in an inactive state or deleted?
    3. Is there a method to auto generate a token?
    4. If NO roles are assigned to a group and a user syncs to it, are they put into an inactive state?
    5. If a user is synced to a group that has a role already assigned to them, will there be any impact or issues?

    Dimitri Spiropoulos
    Foehn Ltd.

  • 2.  RE: Azure Active Directory Questions

    GCAP Member
    Posted 11-06-2020 02:00
    Edited by Christoph Otto 11-06-2020 02:00

    (1) we set up a OAuth Token with the maximum time of 38880000 seconds. (2) No new sync takes place after the token has expired, but the users remain in their current status.

    (3) that interests me too
    (4) Not sure, not tested
    (5) Not sure, not tested

    Christoph Otto

  • 3.  RE: Azure Active Directory Questions

    Posted 11-06-2020 08:44
    for #3, not at this time.  We are working with Microsoft to have them implement the Client Credential Oauth flow within their user provisioning app, but they have indicated that will be at least a quarter out before they can support this.

    #4, no, the user is only placed into an inactive state if it is specifically dictated by the mapping.  The default mapping uses the MS "softDelete" attribute to determine if a user should be placed into an inactive state.  If the user is soft deleted in Azure AD, then they will be set to "inactive" in Genesys Cloud on the next sync operation.  If that user is then hard deleted in Azure AD, they will be deleted in Genesys Cloud.

    #5, if a user is synced into a group that has a role assigned to it, then the user will inherit that role by way of their group membership.  If there user is removed from the group, then the role will be removed from the user.  Note that this is no different than the behavior you would find if you manually added/removed the user from the group.​​​

    Richard Schott
    Genesys - Employees

  • 4.  RE: Azure Active Directory Questions

    Posted 10-12-2021 11:26
    We also had our set up for the 38880000, however it does default back to the 24 hours.  Can you tell me how you set it to the 38880000?  For some reason I thought it had to do with a permissions for the OAuth.

    Janice Jahnsen
    F5 Networks, Inc.

  • 5.  RE: Azure Active Directory Questions

    Posted 11-06-2020 02:21
    Edited by Kimmo Peltonen 11-06-2020 02:24

    Answer to number three interests me as well.
    Documentation on the setup at the moment is not very good. Setting the Oauth token to maximun time is not a good solution.

    Kimmo Peltonen
    Advania Finland Oy