We're implementing the Genesys Cloud CX Voice Transcript component in Salesforce and following the vendor documentation, which requires storing a private key on Lightning pages. For more context, please refer to step 7 on this documentation: Configure Genesys Cloud CX Voice Transcript component - Genesys Cloud Resource Center). Step 7 states:
In the Lightning App Builder, add the following components:
-
Enhanced Conversation – A standard component from Salesforce.
-
Genesys Cloud CX Voice Transcript – Genesys Cloud component to transcribe voice interactions in the contact center.Note: The component must be placed on the primary record tab to function correctly; it cannot be located within secondary tabs or tab controls.
-
Genesys Cloud Einstein Assist – Transmits the chat text to Einstein's Next Best Action. Select the following properties for the component:
-
Contact Center Name – Select the contact center name from the list.
-
Private Key – Enter the private key created for the CX Cloud from Genesys and Salesforce integration. For more information, see Requirements.
This raises concerns about private key visibility and alignment with our security posture. Ideally, we'd like to:
- Avoid displaying the key after import
- Use secure storage like AWS Secrets Manager or Fortanix
Has anyone implemented a workaround or secure pattern for this?
Are there any updates from Genesys on supporting centralized or secure key management (e.g., as proposed in Idea OPCRM-I-121)?
#Integrations------------------------------
Michael Perkins
------------------------------