Genesys Cloud - Main

 View Only

Discussion Thread View

  • 1.  OAuth2.0 Authentication

    Posted 04-20-2022 09:45

    Hi,

    I'm new to all of this and I am currently working on my first Genesys Cloud integration. When trying to authorize my application via OAuth2, I keep getting this error screen:

    I've double and triple checked that my redirect URI is accurate down to the character. Any pointers here?

    I'm writing in Google Apps Script and here is a snippet of the code I'm working with. Thanks in advance!

    /**
 * Authorizes and makes a request to the API.
 */
function run() {
  var service = getService();
  if (service.hasAccess()) {
    var url = 'https://apps.mypurecloud.com/api/v2/authorization/divisions';
    var response = UrlFetchApp.fetch(url, {
      headers: {
        Authorization: 'Bearer ' + service.getAccessToken()
      }
    });
    var result = JSON.parse(response.getContentText());
    Logger.log(JSON.stringify(result, null, 2));
  } else {
    var authorizationUrl = service.getAuthorizationUrl();
    Logger.log('Open the following URL and re-run the script: %s',
        authorizationUrl);
  }
}

/**
 * Reset the authorization state, so that it can be re-tested.
 */
function reset() {
  getService().reset();
}

/**
 * Configures the service.
 */
function getService() {
  return OAuth2.createService('Genesys')
      // Set the endpoint URLs.
      .setAuthorizationBaseUrl(
          'https://login.mypurecloud.com/oauth/authorize?client_id=<' + 
          CLIENT_ID + 
          '>&response_type=code&redirect_uri=<' + 
          REDIRECT_URI + 
          '>')
      .setTokenUrl(
          'https://apps.mypurecloud.com/oauth/token')

      // Set the client ID and secret.
      .setClientId(CLIENT_ID)
      .setClientSecret(CLIENT_SECRET)

      // Set the name of the callback function that should be invoked to
      // complete the OAuth flow.
      .setCallbackFunction('authCallback')

      // Set the property store where authorized tokens should be persisted.
      .setPropertyStore(PropertiesService.getUserProperties());
}

/**
 * Handles the OAuth callback.
 */
function authCallback(request) {
  var service = getService();
  var authorized = service.handleCallback(request);
  if (authorized) {
    return HtmlService.createHtmlOutput('Success!');
  } else {
    return HtmlService.createHtmlOutput('Denied.');
  }
}

    #Integrations
    #Omni-ChannelDesktop/UserInterface
    #SystemAdministration

    ------------------------------
    Phillip Wright
    Shipt, Inc.
    ------------------------------


  • 2.  RE: OAuth2.0 Authentication

    Posted 04-20-2022 11:36
    Hi Philip,

    I would suggest taking a look at the tutorial from https://developer.genesys.cloud/platform/api/postman

    That might give you a hint.

    Good luck!

    ------------------------------
    Bert Barrez
    SEDGWICK CLAIMS MANAGEMENT SERVICES
    ------------------------------

    Original Message


  • 3.  RE: OAuth2.0 Authentication

    GENESYS
    Posted 04-21-2022 11:43
    Edited by Jim Crespino 04-21-2022 11:46
    Hi Phillip,

    I think you are close but it looks like you took the example code from this article very literally: https://developer.genesys.cloud/authorization/platform-auth/use-authorization-code

    You seem to be wrapping the client id and redirect_uri query parameters with "<" and ">" characters, which I assume you got from this code example:

    https://login.mypurecloud.com/oauth/authorize
    ?client_id=<my-client-id>
    &response_type=code
    &redirect_uri=<http://example.com/oauth/callback>

    In our docs we meant for you to replace the entire <my-client-id> and <http://example.com/oauth/callback> with the actual value.  For instance, the actual request you send should look something like this:

    https://login.mypurecloud.com/oauth/authorize
    ?client_id=069daa92-a113-4fed-825d-ba354482a193
    &response_type=code
    &redirect_uri=https://www.myserver.com/mycode/callback

    Also, Genesys Cloud orgs are hosted regionally.  If your org is in the AWS US East region then the login request should be sent per the example to login.mypurecloud.com.  But if it in a different region then you'll need to use the login URL for that region documented here: https://developer.genesys.cloud/platform/api/

    That should help.  If not you can post back here or on our developer forums at https://developer.genesys.cloud/forum

    Cheers,


    ------------------------------
    Jim Crespino
    Senior Director, Developer Evangelism
    Genesys
    https://developer.genesys.com
    ------------------------------

    Original Message


  • 4.  RE: OAuth2.0 Authentication

    Posted 04-21-2022 12:13

    Hi Jim,

    Thanks so much for the info! I've corrected your first suggestion where I took the example code too literally. I've also verified that my org is indeed hosted in the US East. 

    After making that correction, I received a similar message:
    I appreciate any future assistance!



    ------------------------------
    Phillip Wright
    Shipt, Inc.
    ------------------------------

    Original Message


  • 5.  RE: OAuth2.0 Authentication

    GENESYS
    Posted 04-21-2022 12:30
    Is the OAuth Client you setup in Admin->OAuth setup as "Code Authorization" or "Token Implicit Grant"? 


    Also, the Authorization Code Grant flow is a two setup flow.  The first call to authenticate returns a "code" to your callback and then you need to make a second API request to exchange the code for an access token.  This two step flow is designed to prevent a man-in-the-middle attack.  I don't see in the code you provided that you are doing that second step, but maybe you didn't share all of your code.

    ------------------------------
    Jim Crespino
    Senior Director, Developer Evangelism
    Genesys
    https://developer.genesys.com
    ------------------------------

    Original Message


Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources