nick_lynch | 2022-01-26 20:51:11 UTC | #1
I have two questions about scopes in WebRTC SDK:
- In the documentation for scopes for WebRTC SDK, https://developer.genesys.cloud/api/webrtcsdk/#app-authorization , it says it needs authorization and organization scopes. Not the read-only variants, it needs the read / write scopes. Are these correct? It seems like a lot of power to be giving to a softphone. We'd like to limit what clients do to the bare minimum needed to make our application work.
- The SDK makes a request to /api/v2/diagnostics/trace which fails with a 403. The response says "App not authorized to use scope [diagnostic]", but there is no diagnostic scope available to me from the OAuth UI.
anon78929116 | 2022-01-26 21:06:44 UTC | #2
- It should be fine to use the read-only variants. Off the top of my head, I can't think of any data that it actually modifies.
- This is something we need to look at. There's an internal only scope for diagnostics. We need to either expose this in a better way or default to an opted out position for diagnostics gathering.
system | 2022-02-25 21:07:11 UTC | #3
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 13343