Extend the duration for user in mobile app to be able to come back to webmessenger conversation after 24+ hours

Currently we are not able to maintain user authorization to use mobile app with authorized webmessenger custom beacon. Auth token for genesys API calls is 24hrs long and has to be refreshed after that time.

  • Is there any mechanism that can refresh the token in the backend of the mobile app that will refresh the Genesys auth token for the user without logging in again?
  • Is there a way for the user to use webmessenger in the mobile app so that, when the user is already logged in to this mobile app, webmessenger will not prompt the user to log in again to use the auth version of it? Possibly some auth token of the mobile app exchanged for an auth token for Genesys webmessenger?

Our biggest use case is that users remain logged in to their company mobile app for days/weeks, and they should be able to keep using the auth version of Genesys webmessenger there, after coming back after x days for example. How can we handle that?

@WojciechPiatkiewicz just to confirm: are you trying to run the Web Messenger inside a native Mobile App via WebView?

Hey Angelo,
yes that's what we are doing.

Is there any mechanism that can refresh the token in the backend of the mobile app that will refresh the Genesys auth token for the user without logging in again?

Yes, there is an API that allows you to silently refresh the access token.

/api/v2/webdeployments/token/refresh

This will work only if you initially requested the refresh token by specifying the offline_access scope when logging in.

Is there a way for the user to use webmessenger in the mobile app so that, when the user is already logged in to this mobile app, webmessenger will not prompt the user to log in again to use the auth version of it? Possibly some auth token of the mobile app exchanged for an auth token for Genesys webmessenger?

Yes, Messenger will handle this for you in the background.
If you're not using Messenger, you'll have to handle it in your code.
However, as I understand, the 24-hour timeframe does not meet your needs.

The auth mechanism grants two tokens when logging in: the access token and the refresh token.
The access token has a short lifetime and acts as permission to use the protected APIs.
The refresh token is a long-lived token and cannot exceed 24 hours. When the refresh token expires, the user has to log in again. The refresh token is, in a way, the user session lifetime. A refresh token cannot be refreshed.
Expiration is a security safeguard in case the refresh token leaks out or the session is stolen.
Such behavior is already implemented in various web apps and sites (webmail, ...). Nothing new here.
Logging in again after session expiration should restore all messages, so the user should not lose anything.
Positioning the cursor between the best user experience and improved security is not that easy.
If you do need to have more than 24 hours, we could think of having this value configurable in the related admin interface. Maybe an idea to push on the Genesys Idea portal?

Regards,
V.P.
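
The token lifecycle described in the reply above, sketched as an added example (not part of the original posts and not Genesys code). The class name, the access-token lifetime, the clock-skew margin and the `refreshFn` callback, which stands in for a call to the refresh API named in the thread, are assumptions.

```javascript
// Added example: client-side bookkeeping for an access token plus a
// refresh token whose lifetime is capped and cannot itself be renewed.
const REFRESH_TOKEN_MAX_MS = 24 * 60 * 60 * 1000; // 24-hour cap stated in the thread

class MessengerSession {
  // loginAt: epoch ms of the interactive login that issued the refresh token.
  // accessTtlMs: constructed value; the thread gives no access-token lifetime.
  constructor({ loginAt, accessToken, refreshToken, accessTtlMs }) {
    this.loginAt = loginAt;
    this.accessIssuedAt = loginAt;
    this.accessToken = accessToken;
    this.refreshToken = refreshToken;
    this.accessTtlMs = accessTtlMs;
  }

  // Classify what the client must do at time `now` (epoch ms).
  // skewMs refreshes slightly early so a token never expires mid-request.
  state(now, skewMs = 30000) {
    if (now - this.loginAt >= REFRESH_TOKEN_MAX_MS) return 'reauthenticate';
    if (now - this.accessIssuedAt >= this.accessTtlMs - skewMs) return 'refresh';
    return 'valid';
  }

  // Return a usable access token, or throw LOGIN_REQUIRED once the session is over.
  // refreshFn(refreshToken) -> Promise<{ accessToken }> is a hypothetical wrapper.
  async getAccessToken(now, refreshFn) {
    const s = this.state(now);
    if (s === 'reauthenticate') {
      // Drop expired secrets so they cannot be replayed or leaked later.
      this.accessToken = null;
      this.refreshToken = null;
      throw new Error('LOGIN_REQUIRED');
    }
    if (s === 'refresh') {
      const { accessToken } = await refreshFn(this.refreshToken);
      this.accessToken = accessToken;
      // Only the access token's clock restarts; loginAt stays fixed because
      // a refresh does not extend the session.
      this.accessIssuedAt = now;
    }
    return this.accessToken;
  }
}
```

On `LOGIN_REQUIRED` the app sends the user through login again; per the reply above, the conversation history should be restored afterwards.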
