Genesys Cloud - Developer Community!

 View Only

Sign Up

  • 1.  Connect Genesys Data Action to Sales force by External application instead of User/Token

    Posted 9 days ago

    Customer without Sales force Cloud license has to be connected to SF for Customer authentication/profiling. We proposed to connect it by Genesys Data Action integration available. This integration connects to SF by User with Token. According to customer this type of connection is obsolete by Sales force and External Client App is a way of connection that should be used.  What is our options to connect Data Action to Sales  by  External Client App? It can be configured or developed without purchasing Genesys Sales Force Voice cloud license?


    #DataActions

    ------------------------------
    Boris Kotlarsky
    Technical Manager
    ------------------------------


  • 2.  RE: Connect Genesys Data Action to Sales force by External application instead of User/Token

    Posted 9 days ago

    Hi Boris,

    I haven't implemented this specifically with Salesforce, but we've used a similar approach with other CRM integrations using a JWT-based OAuth pattern.

    In our case, we used a middleware layer (Genesys Functions) to:

    • Handle authentication (JWT token generation/exchange)
    • Call the CRM APIs
    • Return the required data back to Genesys via a Data Action

    From a Genesys perspective, the Data Action simply calls the middleware endpoint, which abstracts the authentication complexity.

    This pattern should align well with Salesforce's Connected App / External Client App approach, where JWT or client credentials flows are typically used instead of username + token authentication.

    Also, since this is API-based integration, it should not require the Salesforce Voice / CX Cloud license is my understanding.

    Hope this helps.



    ------------------------------
    Phaneendra
    Technical Solutions Consultant
    ------------------------------

    Original Message


  • 3.  RE: Connect Genesys Data Action to Sales force by External application instead of User/Token

    Posted 9 days ago

    Hi Boris,

    Yes, you can integrate Genesys Cloud Data Actions with Salesforce without purchasing the Salesforce Voice / CX Cloud license, because this is purely an API-level integration.

    However, your customer is also correct regarding authentication best practices.

    About username + token authentication

    The traditional:

    • username
    • password
    • security token

    pattern is still technically supported by Salesforce in some scenarios, but many customers now consider it legacy/less secure compared to OAuth-based Connected Apps / External Client Apps.

    Recommended approach

    The best production architecture is usually:

    Genesys Cloud Data Action
    → Middleware/API Layer
    → Salesforce Connected App / External Client App
    → Salesforce APIs

    Why middleware is recommended

    Genesys Data Actions have limitations when handling:

    • complex OAuth flows
    • JWT assertion generation
    • token lifecycle management
    • certificate-based auth

    A middleware layer gives you:

    • centralized authentication handling
    • token caching/refresh
    • better observability
    • retry/error handling
    • security isolation

    Common implementation patterns

    Most common approaches are:

    • AWS Lambda + API Gateway
    • Genesys Functions
    • Node.js middleware
    • Azure Functions

    Recommended auth flow

    For Salesforce External Client App / Connected App, the most common enterprise pattern is:

    • OAuth 2.0 JWT Bearer Flow
      or
    • Client Credentials Flow (if enabled/supported by org policies)

    This avoids storing user passwords/tokens in Genesys integrations.

    Important point

    You do not need:

    • Salesforce Service Cloud Voice
    • CX Cloud package
    • native Salesforce integration license

    unless you specifically want:

    • embedded softphone
    • Omni integration
    • SCV capabilities
    • unified agent experience

    For customer authentication/profile lookup, standard API integration is enough.

    My recommendation

    For production:

    • avoid direct username/token auth from Data Actions
    • use middleware + OAuth/JWT with Connected App
    • keep Genesys responsible only for orchestration

    This architecture is much more scalable, secure, and aligned with modern Salesforce security practices.



    ------------------------------
    Gabriel Garcia
    NA
    ------------------------------

    Original Message


  • 4.  RE: Connect Genesys Data Action to Sales force by External application instead of User/Token

    Posted 9 days ago

    Hello Boris,

    Considering the scalability aspect, We have implemented the integration between Genesys and Salesforce via a Middleware Application using Webservices Integrations.



    ------------------------------
    Jyoti Sharma
    Senior Design Consultant
    ------------------------------

    Original Message


  • 5.  RE: Connect Genesys Data Action to Sales force by External application instead of User/Token

    Posted 8 days ago

    Salesforce integration for Data Actions can simply use the standard Web Services Data Actions integration instead of the "legacy" Salesforce one. You can then just set OAUTH 2 as the credential type and label it as "Salesforce via OAUTH" or similar.

    Genesys can't necessarily update the existing Integration without breaking a number of customers that use that model.



    ------------------------------
    Richard Chandler
    Connect
    ------------------------------

    Original Message


  • 6.  RE: Connect Genesys Data Action to Sales force by External application instead of User/Token

    Posted 8 days ago

    the username/password auth flow had been supported by Salesforce for quite some time.  It wasn't until recently that Salesforce announced they stopped supporting it (even if it was not their recommended practice), and that end of support is targeted for the upcoming Winter release.  In response to this announce are finalizing development on support for Client Credential Grant access to Salesforce, which is enabled via External Connected Apps on the Salesforce platform.  Release of Client Credential grant support with Salesforce Data Actions will be coming in the next couple of weeks, along with documentation on how to migrate from Username/Password to Client Credential grant for existing customers (tl;dr, you just update the credentials on the integration; no need to make changes to the data actions themselves.)  We do highly recommend testing the new credentials in a different integration prior to implementing on an integration that serves data actions that are used in production.



    ------------------------------
    Richard Schott
    Product Manager
    ------------------------------

    Original Message


  • 7.  RE: Connect Genesys Data Action to Sales force by External application instead of User/Token

    Posted 7 days ago

    Hi @Richard Schott,
    is this update related to this idea? https://genesyscloud.ideas.aha.io/ideas/OP-I-1127



    ------------------------------
    Elisson Fernandes
    ------------------------------

    Original Message


  • 8.  RE: Connect Genesys Data Action to Sales force by External application instead of User/Token

    Posted 7 days ago

    Yes.  



    ------------------------------
    Richard Schott
    Product Manager
    ------------------------------

    Original Message


Related Content