Genesys Cloud - Main

 View Only

Sign Up

  Thread closed by the administrator, not accepting new replies.

  • 1.  Using API to get voice transcriptions - Issue with OAuth access / role permssions

    Posted 10-23-2023 11:45
    No replies, thread closed.

    Hi,

    We are trying to use APIs (new to Genesys Cloud) to achieve the below / link to Genesys

    Tutorial walks through the steps to get the sentiment score and voice transcript of voice interactions using the Speech and Text Analytics API.

    Voice Transcription (genesys.cloud)

    We have a new OAuth client (Client Credentials) set up and can get the OAuth token ok, but get error messages when trying to do the API calls as follows:

    {
      message: 'You are not authorized to perform the requested action.',
      code: 'not.authorized',
      status: 403,
      contextId: '23303c3c-da25-42ac-856c-3bedeba810a5',
      details: [],
      errors: []
    }

    The OAuth has a role with the permissions:

    Analytics>Conversation Details>View, and

    Speech and Text Analytics>Data>View

    We added the Conversation details one, but get the same error. Are more Permissions required for the Role for this OAuth?


    #Integrations

    ------------------------------
    Andy Forbes
    Domestic & General Services Limited
    ------------------------------


  • 2.  RE: Using API to get voice transcriptions - Issue with OAuth access / role permssions

    Posted 10-24-2023 09:58
    No replies, thread closed.

    Please have a look near the bottom of this post for an explanation of how to determine which permissions (and scopes) might be needed to make any specific API request: https://community.genesys.com/discussion/oauth-token-implied-grant-error-when-trying-to-use-transcriptions-api



    ------------------------------
    Jim Crespino
    Senior Director, Developer Evangelism
    Genesys
    https://developer.genesys.com
    ------------------------------



  • 3.  RE: Using API to get voice transcriptions - Issue with OAuth access / role permssions

    Posted 10-26-2023 09:52
    No replies, thread closed.

    The below image shows the permissions that we assigned to an oAuth account to successfully poll the following API Endpoints to download recordings and transcripts...

    • /api/v2/analytics/conversations/details/query
    • /api/v2/speechandtextanalytics/conversations/$($Object.conversationId)
    • /api/v2/speechandtextanalytics/conversations/$($Object."Conversation ID")/communications/$($Object."Session ID")/transcripturl
    • /api/v2/conversations/$($Object."Conversation ID")/recordings/$($Object."Session ID")?formatId=WAV&emailFormatId=NONE&chatFormatId=NONE&messageFormatId=NONE&download=true&fileName=$($($Object."Session ID").Replace("-","_"))&locale=$($recordingPath)
      • Note:  Conversation communicationId is the same as Conversation sessionId.

    My script is built in Microsoft PowerShell ISE.  All variables are preceded with a $ character. 

    Download recordings and transcripts permissions


    ------------------------------
    Carlos Albor
    Senior Principal PS Consultant
    ------------------------------



  • 4.  RE: Using API to get voice transcriptions - Issue with OAuth access / role permssions

    Posted 10-26-2023 10:25
    No replies, thread closed.

    Carlos,

    I assume that since you are using PowerShell, then you are using the Genesys Cloud CLI for your script: https://developer.genesys.cloud/devapps/cli/.

    With the CLI you need to run 'gc profile new' to create a config.toml file.  The config file maintains the Client ID and Secret that should be used to make API requests.  It also contains an 'environment' property that directs the CLI to the proper region to send the API requests for your org.

    Have you setup the config.toml file propertly?  Does it have the proper client id and secret from your OAuth client?  Is the environment property set to the proper region where you org is hosted?



    ------------------------------
    Jim Crespino
    Senior Director, Developer Evangelism
    Genesys
    https://developer.genesys.com
    ------------------------------

    Original Message


  • 5.  RE: Using API to get voice transcriptions - Issue with OAuth access / role permssions

    Posted 10-26-2023 16:52
    No replies, thread closed.

    Jim, 

    I am not using the GC CLI.  

    There is a process I use to prepare PowerShell_ISE to contain the bearer token in a Variable to use in any API calls.

    I set the authentication URL based on the region. 

    There is a clientid+clientsecret encryption process.  Followed by a process to convert it to UTF8 and then Base64String.  I haven't had any issues using this method.  



    ------------------------------
    Carlos Albor
    Senior Principal PS Consultant
    ------------------------------

    Original Message


  • 6.  RE: Using API to get voice transcriptions - Issue with OAuth access / role permssions

    Posted 10-26-2023 11:02
    No replies, thread closed.

    Hi there,

    Thanks. I think I'm getting my head round how this works. We aren't downloading the voice recording, just the transcript so I think a slimmer set of permissions might be possible:

    So we are using:

    Conversation API - get conversation (conversationId) - permissions required - conversation:communication:view?

    Speech and Text Analytics API - get speechandtextanalyicsconversation (conversatonId) - permissions required - recording:recording:view?

    Speech and Text Analytics API - get SpeechandtextanalyticsConversationCommunicationTranscripturl(conversationId, communicationId) - permissions required - recording:recording:view?

    We have been advised to also have:

    Permissions - OAuth:All permissions (which is broad), but not sure if we need this at all?



    ------------------------------
    Andy Forbes
    Domestic & General Services Limited
    ------------------------------

    Original Message


  • 7.  RE: Using API to get voice transcriptions - Issue with OAuth access / role permssions

    Posted 10-26-2023 18:06
    No replies, thread closed.

    Andy, this looks accurate.  Your code should not need the OAuth > All permissions in the OAuth role.  Unless your code is creating/managing/requesting OAuth client details.  To do that you would need to have the /API/oauth URI in your code.  They may have suggested that so that you can create and manage OAuth client accounts, that you will use in your code.  



    ------------------------------
    Carlos Albor
    Senior Principal PS Consultant
    ------------------------------

    Original Message


Related Content