How to authenticate the Platform / WebRTC API in a browser extension without a 2nd login (grant flow)?

When a user logs into the Genesys Cloud browser UI, there are two places an access token is stored: localStorage and sessionStorage. Currently, I am piggybacking on the authentication access token from localStorage to authorize the WebRTC SDK and plan to do the same for the Platform API; or use sessionStorage -- which makes more sense.

However, I wanted to know if there is an official/supported way to leverage the existing authorization access token / session for such a purpose as this?

Thanks,
Dan

You must implement one of the OAuth flows to authorize your custom applications. Aside from being a bad security behavior, scraping a token from another app is almost guaranteed to cause its functionality to be negatively impacted due to rate limiting and other token-based considerations. It also violates the API on-demand fair use policy and could subject your organization to a billing dispute due to inappropriate usage of the platform.

The OAuth flows have a feature to auto-authenticate the user without the user seeing the login screen when they have a valid session cookie with the auth service. This is a built-in feature; all you need to do is implement the OAuth flow to take advantage of it. (Note that this feature can be disabled by your administrator, e.g. HIPAA orgs.)

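As an added example (not part of the original thread and not Genesys code), here is one way an extension could run its own OAuth flow as the answer above advises, instead of reading another app's token from storage: a standard OAuth 2.0 implicit grant with a `state` check. The authorize URL and client ID are caller-supplied placeholders, and both the choice of implicit grant and the `chrome.identity` wiring in `signIn` are assumptions.

```javascript
// Added example: OAuth 2.0 implicit grant (RFC 6749, section 4.2) with a state check.
// The authorize URL and client ID are caller-supplied placeholders (assumptions).

// Random state value that binds the response to this request.
function newState() {
  const bytes = globalThis.crypto.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

// Build the authorization request. Per the thread, a user with a valid session
// cookie at the auth service can be redirected back without seeing a login screen.
function buildAuthorizeUrl(authorizeUrl, clientId, redirectUri, state) {
  const url = new URL(authorizeUrl);
  if (url.protocol !== "https:") throw new Error("authorize URL must be https");
  url.search = new URLSearchParams({
    response_type: "token",
    client_id: clientId,
    redirect_uri: redirectUri,
    state,
  }).toString();
  return url.toString();
}

// Validate the redirect and extract the token from the URL fragment.
function parseRedirect(redirectedTo, expectedRedirectUri, expectedState) {
  const url = new URL(redirectedTo);
  const expected = new URL(expectedRedirectUri);
  if (url.origin !== expected.origin || url.pathname !== expected.pathname) {
    throw new Error("redirect went to an unexpected URI");
  }
  const params = new URLSearchParams(url.hash.slice(1));
  if (params.get("error")) throw new Error("authorization failed: " + params.get("error"));
  if (!expectedState || params.get("state") !== expectedState) throw new Error("state mismatch");
  const token = params.get("access_token");
  if (!token) throw new Error("no access_token in response");
  return { accessToken: token, expiresIn: Number(params.get("expires_in")) || null };
}

// Hypothetical wiring for a Chrome extension (needs the "identity" permission).
async function signIn(authorizeUrl, clientId) {
  const redirectUri = chrome.identity.getRedirectURL("callback");
  const state = newState();
  const url = buildAuthorizeUrl(authorizeUrl, clientId, redirectUri, state);
  const redirectedTo = await chrome.identity.launchWebAuthFlow({ url, interactive: true });
  return parseRedirect(redirectedTo, redirectUri, state);
}
```

The token this returns is issued to the extension's own OAuth client, so its rate limits and revocation are independent of the browser UI's token.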

Thank you Tim! I appreciate the clarification and was wondering about the auto-authentication feature. As a note, this has only been in development and we are not using this anywhere at the moment. Appreciate the quick response as always.