Genesys Cloud - Developer Community!

Hi everyone,

I'd like to confirm my understanding around the behavior of enableFrameworkClientId=true in the Embeddable Framework.

Observed behavior

• If enableFrameworkClientId=true is included on the initial iframe load, the UI shows the floowing error:
  • Sorry, Genesys Cloud cannot authenticate you at this time. The OAuth client ID or redirect URI is invalid
• All OAuth redirect URIs (including those with query parameters) are correctly registered in OAuth client.

For reference, we are using the PKCE OAuth flow (usePKCEAuthFlow = true).

---

Workaroud we are using

1. Load the Embeddable Framework iframe without enableFrameworkClientId=true -> OAuth login completes successfully.
2. After the login session is established, reload the iframe with enableFrameworkClientId=true -> PureCloud.User.getAuthToken() becomes available and works as expected.

---

Understanding/question

My current understanding is:

• OAuth authentication itself happens only once (in step 1)
• The second iframe load reuses the existing Genesys Cloud login session
• No additional OAuth authorization or token exchange occurs in step 2

Is this understanding correct?

Additionally, is reloading the iframe the recommended approach to enable Framework Client tokens, or is there a better pattern to achieve this without reloading?

Thanks in advance.

#EmbeddableFramework

------------------------------
Katsuya Watabe
------------------------------

The `usePKCEAuthFlow` setting is not supported yet (see the Feature postponement announcement at the top of this documentation).

Please try again using an appropriate OAuth client grant type without the `usePKCEAuthFlow` setting to see if that make a difference. Thank you.

------------------------------
Junji Sawada
Senior Software Engineer, Team Lead

Original Message:
Sent: 01-26-2026 20:20
From: Katsuya Watabe
Subject: OAuth error with "enableFrameworkClientId" in Genesys Embeddable Framework – is iframe reload the only solution?

Hi everyone,

I'd like to confirm my understanding around the behavior of enableFrameworkClientId=true in the Embeddable Framework.

Observed behavior

• If enableFrameworkClientId=true is included on the initial iframe load, the UI shows the floowing error:
  • Sorry, Genesys Cloud cannot authenticate you at this time. The OAuth client ID or redirect URI is invalid
• All OAuth redirect URIs (including those with query parameters) are correctly registered in OAuth client.

For reference, we are using the PKCE OAuth flow (usePKCEAuthFlow = true).

---

Workaroud we are using

1. Load the Embeddable Framework iframe without enableFrameworkClientId=true -> OAuth login completes successfully.
2. After the login session is established, reload the iframe with enableFrameworkClientId=true -> PureCloud.User.getAuthToken() becomes available and works as expected.

---

Understanding/question

My current understanding is:

• OAuth authentication itself happens only once (in step 1)
• The second iframe load reuses the existing Genesys Cloud login session
• No additional OAuth authorization or token exchange occurs in step 2

Is this understanding correct?

Additionally, is reloading the iframe the recommended approach to enable Framework Client tokens, or is there a better pattern to achieve this without reloading?

Thanks in advance.

#EmbeddableFramework

------------------------------
Katsuya Watabe
------------------------------