I want to give my web application the permission to get the queue information from Genesys cloud, then display the chat window based on that queue information.
and my application have millions of users who do not have the access to Genesys cloud.
I tried to use implicit grant type to grant my app permission , but my application was always redirected to Genesys login page which was not acceptable as my users do not have access to Genesys cloud.
client credentials grant type is not supported on browser.
which authentication method I could use to grant my web application the access to Genesys cloud to get the data from Genesys cloud without login to Genesys ?
is that any code example for it ?
We have a blueprint that shows how to use the Genesys Cloud SDK in a react project. The project uses
implicit grant type so might be able to help with your problem. The blueprint is available here. I understand you might not be familiar with react but most of the interactions with the sdk are done in this file. I hope this helps.
This is a fundamental misunderstanding of the platform's authorization. You don't grant your web app permissions, you grant permissions to a user. If you want your web app to make API requests, a user must complete an OAuth flow to authorize the web app. Once authorized by a user, the web app can make API requests on behalf of that user. You can read more about authorization here: https://developer.genesys.cloud/authorization/platform-auth/.
If you want to expose information from the API to users that are not authorized to use the API, you must develop your own middleware service that handles the authorization between your users and your middleware, then that middleware service can be authorized using client credentials to make API requests on its own behalf. Client credentials cannot be used in the browser; doing so would provide your client secret to everyone on the internet, granting the entire internet direct access to your org.
thanks for your reply.
we are also using react, the problem is that our web application will be redirected to Genesys login page if using implicit grant type. but our millions of users do not have access permission to Genesys.
the request was that we want to display web chat for users in our web application based on queue status, so firstly, I want to get that queue information using Genesys API, and then decide whether to display web chat or not based on queue information.
in order to get that queue information using Genesys API, my web application need to be authenticated, but my web application was redirected to Genesys login page when using implicit grant type.
thanks for make that clear.
our web application have millions of user, we can not grant all users the access permission to Genesys cloud, right ? in this case , as you mentioned, I need to create my middleware to give my web application the access to Genesys, right ? did we have any guideline or example for creating that middleware ?
No, this is entirely dependent on your architecture, language, and security requirements unique to your situation. This middleware can be literally anything that suits your use case. Maybe that's a backend web server that is already integrated with your website, or maybe it's an addition to some other web API you have for your site. Or maybe it's development of a new service if you don't already have a place to put the functionality.
step 1 : in backend, post authentication request and then return a token,
step 2 : in frontend, ask for Genesys information (like queue status) using token.
but I still have a question, our website application have millions of clients, each time clients enter our website , it will implement step1 which will sent millions of request to Genesys at the same time, does Genesys has limitation for API request at one time ? do you have any idea for it ?
That's a good example of the pattern, but be wary of the app's code itself; it's 5+ years old and hasn't been actively maintained. If you're going to use that app as a basis for your own, make sure you update the dependencies and ensure that its interfaces meet your security needs; the app is meant as a proof of concept demonstration, not as a turnkey solution.
Throughput is definitely something you'll want to account for in your design by being pretty aggressive in caching the current state in your middleware. A good pattern would be to have a timer in your service that refreshes the data every X minutes/seconds, whatever makes sense for your use case. Then incoming requests to your middleware will only serve data from its cache and not directly trigger a Genesys Cloud API request.
Your app will be limited to 300 requests per minute by the main API rate limiter, and certain endpoints have additional limitations. Each endpoint's documentation states which limits apply to it and you can view the full list of documented limits here: https://developer.genesys.cloud/organization/organization/limits. There are no limits on concurrency, just on rate. Making 300 requests in parallel or sequentially will be counted the same.