Calling the Users API in React

nick.wright · February 13, 2023, 12:44pm

I'm writing a React app to be hosted in AWS. It needs to display drop down lists of active users and queues. I'm following a React example downloaded from here: https://developer.genesys.cloud/blueprints/react-app-with-genesys-cloud-sdk/

To get the lists I need to authenticate and to authenticate I can only use Implicit Grant. This means the user has to manually log in to get redirected back to the app, but I don't want that as I'm using AWS Cognito for login and I don't want the user to log in twice. Client Creds login doesn't work in a browser. So, what's the correct way to do this? Should I get the lists via a Lambda function where, presumably, I could use client creds?

tim.smith · February 13, 2023, 3:13pm

The implicit grant is the only option for client-side apps.

nick.wright · February 13, 2023, 3:25pm

Hi Tim, so what are my options? My aim is to use a list of users and queues in a 3rd party app. I don't want the user to have to log in manually to get these lists. If I wrote the function to return lists in a Lambda function, could I use client credentials?

This is what I've got so far:

const platformClient = require('purecloud-platform-client-v2/dist/node/purecloud-platform-client-v2.js');
/**

@type {import('@types/aws-lambda').APIGatewayProxyHandler}
*/

const usersApi = new platformClient.UsersApi();
const routingApi = new platformClient.RoutingApi();
const client = platformClient.ApiClient.instance;

const CLIENT_ID = 'xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx';
const CLIENT_SECRET = 'xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx';

exports.handler = async (event) => {

let queues = function(data) {
    return client.loginClientCredentialsGrant(CLIENT_ID, CLIENT_SECRET)
    .then(() => {
        console.log("Got queues");
        return routingApi.getRoutingQueues()})
  }



let retValue = {
    statusCode: 200,

    body: "done", //JSON.stringify(returnMsg),
};

return retValue;

};

but it's not returning anything - not even getting to the "then" statement

tim.smith · February 13, 2023, 10:37pm

If the code above is all your code, I wouldn't expect it to. You define but never invoke the queues function. Even if you do invoke it, this lambda will always return the status code of 200 with the body of done because the the return retValue; statement will be run before the asynchronous response to the API request is processed.

tim.smith · February 13, 2023, 10:40pm

To answer this directly, your options are to use the implicit grant in your client-side app or change your architecture to include a server-side component that can safely handle client credentials and is access-restricted to authorized users of your web app. Using API Gateway and a lambda function with an authorizer is a good example of the latter.

system · March 16, 2023, 10:40pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.