We are building an application that runs on the PC of the operator as a "fat client", next to the Genesys UI. That application is built on dotnet and using the Platform API Client SDK - .NET.
The OAuth is defined as "Token Implicit Grant (Browser)" and has an id and secret.
Thanks for your response.
If I well understand, the PostToken is requiring that the user has been authenticated upfront to get the authorisation code. With this code the grant type will switch to "authorization_code". And the redirect uri is only there for the Genesys end point to verify that it matches the values defined, this request will not make any call to that url.
In other words the call to PostToken is not a single click operation like we can have with PostMan.
The ApiClient.PostToken with 4 parameters that you are looking at is related to an Authorization Code Grant flow.
Authorization Code Grant flow is a two-steps process.
The user (web client/form) will authenticate on the Genesys Cloud login web page.
On success, he is redirected to the provided redirectUri, which holds a "code" in its query parameter (i.e. authorization code).
This flow is usually for a server-side application that needs to get an access token from Genesys Cloud, so it can send Platform API requests on behalf of the user.
So the server-application gets the authorization code, and it then has to request an access token from Genesys Cloud (invoking Api.PostToken with the 4 parameters as in the .Net SDK page).
The access token can then be used on server-side application to perform the Platform API requests (on behalf of the user).
As you mention that you are going to use a Token Implicit Grant, it is a one-step process.
The user (web client/form) will authenticate on the Genesys Cloud login web page.
On success, he is redirected to the provided redirectUri, which holds an "access_token" as URI fragment/hash.
Your client-side .Net code can then retrieve this access token and set it in the .Net SDK API directly.
The OAuth Implicit Grant Login Flow tutorial gives an example of this first part of the process - user authenticates on the Genesys Cloud login web page and the client-side .Net code retrieves the access token (on successful authentication/redirect).
In order to leverage the Platform API .Net SDK, you can then set the access token in your code directly.
I don't have an available windows environment and I haven't done some .Net for a while.
But the code should use some of the lines shown in the Download Recordings tutorial.
This tutorial is for another Authorization Grant flow - using Client Credentials Grant. But some of the lines are relevant - as this tutorial uses the Platform API .Net SDK.
Just ignore the line with var accessTokenInfo = Configuration.Default.ApiClient.PostToken(clientId, clientSecret); as it is related to the Client Credentials Grant.
I mean:
// Set Region
PureCloudRegionHosts region = Enum.Parse<PureCloudRegionHosts>(orgRegion);
Configuration.Default.ApiClient.setBasePath(region);
// Set Access Token
Configuration.Default.AccessToken = theAccessTokenYouRetrievedFromTheRedirectURI;
// Create API instances
conversationsApi = new ConversationsApi();
recordingApi = new RecordingApi();
Hello Jerome,
Many thanks for the long description.
In first instance, I was expecting that the implicit grant should be handled by the SDK like for the client credential grant. I later understood that it is quite different.
I was trying the implicit grant thinking that it would be easier to implement. But accessing the URI fragment from the application launching the authentication is far from being easy. The example you mention is a partial class, we are missing the other part to have a clear view about the entire application.
I finally implemented an authorisation code grant where the code is easier to capture.
Regards,
Erik