clazaro | 2021-08-10 13:30:28 UTC | #1
I have a question regarding the integration of GC with an external application
The application is authenticating against GC using OAuth SAML, and it works well, it gets the "token" correctly.
Now, how can the application open the GC interface with the provided token? I have tried with https://apps.mypurecloud.de/directory/#access_token=xxxx but it doesn´t work
tim.smith | 2021-08-10 13:38:22 UTC | #2
Every application must obtain its own auth token. What are you trying to accomplish?
clazaro | 2021-08-10 13:41:22 UTC | #3
Hello Tim,
The external application is doing a number of non-Genesys tasks, then it is using the GC API to log the user in Genesys Cloud using SAML2 Bearer grant (entering user and password in Microsoft Azure) and once it has been correctly logged in (GC token is received), they want to open up Genesys Cloud interface
clazaro | 2021-08-11 09:46:13 UTC | #4
I have tried to use this URL with a token generated in a normal usr/pwd GC login process, and it worsk fine: https://apps.mypurecloud.de/directory/#access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&expires_in=691199&state=%2523%252F&token_type=bearer
clazaro | 2021-08-11 09:47:04 UTC | #5
maybe the token received by a SAML2 Bearer authentication is not suitable to open GC this way?
tim.smith | 2021-08-11 14:03:02 UTC | #6
clazaro, post:3, topic:11697
once it has been correctly logged in (GC token is received), they want to open up Genesys Cloud interface
You can open the Genesys Cloud interface by navigating the user to https://apps.mypurecloud.de. The app will initiate an OAuth flow for the user to authorize it if it needs it; you cannot do that process on behalf of the UI.
clazaro | 2021-08-12 04:44:05 UTC | #7
tim.smith, post:6, topic:11697
https://apps.mypurecloud.de.
Ok, thanks Tim, we are going to try this and will let you know the result.
clazaro | 2021-08-12 09:24:55 UTC | #8
Finally we have found this workaround that works fine:
- 1st request to SAML Provider (Microsoft) with "http://localhost:8000/saml" in the SAMLRequest, Issuer filed
- User enters login/pwd in Microsoft
- Microsoft sends back the SAMLResponse with assertion to "http://localhost:8000/saml"
- request to GC to get the token: https://login.mypurecloud.ie/oauth/token
- Use of token for backgound process
- 2nd request to SAML Provider (Microsoft) with "https://login.mypurecloud.ie/saml" in the SAMLRequest, Issuer filed this time
- As a result of this, Microsoft sends a request back to https://login.mypurecloud.ie/saml and the Genesys Cloud web desktop is opened directly
Thank you for your help.
system | 2021-09-12 09:25:31 UTC | #9
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 11697