NielsS | 2018-12-17 10:26:20 UTC | #1
Hi,
I tried to make a PATCH /api/v2/conversations/{conversationId}/participants/{participantId} which worked fine in the developer tools. When I use the same code in an action I get a 403 forbidden as a response. The Oauth user has all roles possible and even then it still gives a 403 forbidden:
8. Execute: You are not authorized to perform the requested action.
- REST call for action execute failed. Message:Request to backend service failed. Response from web service: {"status":403,"code":"not.authorized","message":"Access to Conversation 7f9e9758-bc44-40b8-aef1-ad346b169e5e is forbidden.","messageWithParams":"Access to {type} {id} is forbidden.","messageParams":{"id":"7f9e9758-bc44-40b8-aef1-ad346b169e5e","type":"Conversation"},"contextId":"897b41ff-5ac7-4347-bf8a-921bb18f9eb7","details":[],"errors":[]} [17792cb9-fe37-4bb2-8c8d-288ee26e243e]
When I go back to the developer tools and put the same Ids in it works well. Is this a bug or do I need to make a custom role to have these actions enabled?
For convenience, the action code is attached.<a class="attachment" href="/forum/uploads/db6296/original/2X/4/4d3d355ec84f08dfb431743aed2e5f6dd90ab987.json">PATCH-PureCloud-Email-conversation-Participant-state-20181217112530.custom.json</a> (1.8 KB)
anon39326996 | 2018-12-17 14:12:31 UTC | #2
When you use dev tools, you are using your personal credentials so it works. This API requires user context and does not work with client credentials grant and oauth users.
What were you trying to accomplish?
NielsS | 2018-12-17 15:06:03 UTC | #3
Hi Lucie,
I am designing an action to patch a conversation from alerting to connected and later on disconnected. The goal is to have the Architect in control of a conversation.
In the Dev tools it works well with my credentials. When I make an action and give the same roles as I have, the action does not proceed and throws a 403 error when using the test option.
Is it possible to use an action with this type of API call?
anon39326996 | 2018-12-17 15:08:50 UTC | #4
No you cannot use a data action with this API call. PureCloud is not designed to have control over answering conversations within architect in the way you describe. You have to send the conversation to a queue for it to be answered by a live person. We also have a Lex bot integration within call flows and messaging flows, but that's somewhat different from what you are describing. If we have more info on the expected use case, we might be able to help advise on what to do.
NielsS | 2018-12-17 15:38:17 UTC | #5
Is it possible to use these API calls with an external Oauth connection? For example a .NET or c# application that takes control of the interactions.
tim.smith | 2018-12-17 15:43:08 UTC | #6
It's not a matter of your application type, it's a matter of how you authenticate. The dev tools authenticates you as a user using an implicit grant. For APIs that require a user context, you must authenticate using the implicit grant, auth code grant, or SAML2 Bearer grant. Client credentials does not have a user context and therefore cannot be used with resources that require a user. See more about the various types of authorization in the docs.
system | 2019-01-17 15:43:12 UTC | #7
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 4202