Implicit login versus credentials log in

Tim,

I finally got Client ID & Client Secret.
If you could please answer each of the questions posted below.

Client ID is specific to an organization and not to an individual user.
Is this Correct ?

I have a CRM that we want to Integrate with Pure Cloud.
We want to do the integration from the Browser Client using Java Script.
If I do the following (see code copied from one of Pure Cloud Tutorials below), no login screen popped up !
However the logic did proceed and set up notifications handling in function handleNotification.
Since no log in screen popped up and no user credentials were entered, I am assuming that the notifications set up in function "handleNotification" (see the code) are NOT FOR A SPECIFIC USER. They are across the board for all users who are using pure cloud for this client id. Meaning that no matter which user receives a call, handleNotification function will be invoked.
Is this Correct ?

What would I have to do for the Pure Cloud Login Screen to Pop Up so that the user may enter their credentials ? Should we be using Client Credentials Grant Type instead of Token Implicit Grant for this to happen ? If we do so, will the notifications set up in "handleNotification" function be only for the logged in user ? (this is what we want to happen)

I assert that using Implicit Grant cannot distinguish between users.
Am I correct in this assertion ?

code copied from Pure Cloud Tutorial.

client.loginImplicitGrant(clientId, redirectUri)
	.then(function() {
		console.log('Logged in');
		//System.out.println("Logged in");

		// Get authenticated user's info
		return usersApi.getUsersMe();
	})
	.then(function(userMe) {
		console.log('userMe: ', userMe);
		//System.out.println("userMe = " + userMe);
		me = userMe;

		// Create notification channel
		return notificationsApi.postNotificationsChannels();
	})
	.then(function(channel) {
		console.log('channel: ', channel);
		console.log('me.id: ', me.id);
		//System.out.println("channel = " + channel);
		notificationChannel = channel;

		// Set up web socket
		webSocket = new WebSocket(notificationChannel.connectUri);
		webSocket.onmessage = handleNotification;

		// Subscribe to authenticated user's conversations
		conversationsTopic = 'v2.users.' + me.id + '.conversations';
		const body = [ { id: conversationsTopic } ];
		return notificationsApi.putNotificationsChannelSubscriptions(notificationChannel.id, body);
	})

I finally got Client ID & Client Secret.
We want to do the integration from the Browser Client using Java Script.
Should we be using Client Credentials Grant Type instead of Token Implicit Grant for this to happen ?

Be sure you're using an Implicit Grant to log in. Under no circumstances should you use a client credentials grant in the browser. That is a massive security risk and may get your OAuth client revoked (client secrets must be handled like passwords).

Client ID is specific to an organization and not to an individual user.
Is this Correct ?

An implicit or token client ID can be used to authorize any user from any org for your app.

However the logic did proceed and set up notifications handling in function handleNotification.
Since no log in screen popped up and no user credentials were entered, I am assuming that the notifications set up in function "handleNotification" (see the code) are NOT FOR A SPECIFIC USER. They are across the board for all users who are using pure cloud for this client id. Meaning that no matter which user receives a call, handleNotification function will be invoked.
Is this Correct ?

No, that is not correct. If you're already logged in to PureCloud in that browser, when you try to log in again, you'll get a new access token for the user that's already logged in. Navigate to https://login.mypurecloud.com/logout to log out of your session. Next time you try to log in, you'll be prompted for credentials.

I assert that using Implicit Grant cannot distinguish between users.
Am I correct in this assertion ?

No. You must log in as a user. You're just not seeing the login page per the explanation above.

Tim,

If no credentials were entered when doing an "implicit" log in, how does pure cloud distinguish between different users. The two scenarios are:

Tim is logged into our CRM and from his browser we do an implicit log into Pure Cloud (no credentials).

John is logged into our CRM and from his browser we do an implicit log into Pure Cloud (no credentials).

How does Pure Cloud know that one was Tim and the other was John (since no credentials were entered) ? How does Pure Cloud know that when John gets the call at his station, the notification function in John's browser is to be invoked ? And when Tim gets the call at his station, the notification function in Tim's browser is to be invoked ?

I am missing something.

If no credentials were entered when doing an "implicit" log in, how does pure cloud distinguish between different users.

The app uses whatever user is currently logged into PureCloud. When you go to https://apps.mypurecloud.com, it does not ask you to log in every time unless you've cleared your browser sessions. If you log out of PureCloud, then you will be redirected to the login page. An implicit login always has an associated user context. Try your app in a newly opened Chrome Incognito or Firefox Private window - it will require you to log in.

Even if the pure cloud login screen came up, would this not be an example of "Credentials Login" ?
The one that you are forbidding us to use from the browser ?

Or even if the log in screen comes up, will this be an example to "implicit login".
I thought Credentials Login is where a Pure Cloud Login Screen comes up and you enter userid and password ?

I am confused. So are you saying that when I am using implicit login then also the pure cloud login screen will come up and when I do a credentials login then also pure cloud login screen will come up ?

Even if the pure cloud login screen came up, would this not be an example of "Credentials Login" ?
The one that you are forbidding us to use from the browser ?

No.

Or even if the log in screen comes up, will this be an example to "implicit login".

It depends. It is if you're using an implicit grant.

I thought Credentials Login is where a Pure Cloud Login Screen comes up and you enter userid and password ?

No.

So are you saying that when I am using implicit login then also the pure cloud login screen will come up

Yes.

when I do a credentials login then also pure cloud login screen will come up ?

If you mean client credentials, no.

I would highly suggest reading through the Authorization documentation, specifically the articles explaining each of the four grant types. You should also try implementing each of them so you can see what the experience is for each. There are also tutorials for each grant type.

If implicit grant is also going to throw up the login screen, then what is "implicit" about it ?

Also I have Pure Cloud Desk top on my machine.
I had previously successfully logged into it and was receiving calls at the number assigned to me.
Then I logged out of the PureCloud desktop application.

However
the following still works from my java script ! (even when I am logged out of the Pure Cloud desktop app that receives phone calls). It does not throw a login screen from java script but I am logged in and receiving notifications (even when the phone is not ringing since I am logged out of the Pure Cloud Desktop Application).

Why is that so ? How could this be ?
Also note that the screen has never shown from javascript so the only place I have logged into is from the Pure Cloud Desktop.

client.loginImplicitGrant(clientId, redirectUri)

RFC 6749, section 1.3.2

It does not throw a login screen from java script but I am logged in and receiving notifications (even when the phone is not ringing since I am logged out of the Pure Cloud Desktop Application). Why is that so ? How could this be ?

The PureCloud web client and your custom app are different applications. Logging out of one does not log you out of the other. Also, as previously discussed, you won't be prompted for credentials again if you're already logged in. As RJ suggested, try loading your app using a clean incognito session.

Thanks Tim.

I cleared the browser cache and cookies, but the login screen still does not show for implicit grant.
Which cookie (or whatever else) do I need to remove for the login screen to show up for an implicit grant ?

If you're still not getting the login screen, be sure to remove all of the cookies for all mypurecloud domains and subdomains. You can also use https://login.mypurecloud.com/logout as mentioned above to log out all sessions in that browser instance.
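The implicit grant exchange discussed in this thread, sketched as an added example (not code from the thread, the tutorial, or the PureCloud SDK): the browser sends only the public client ID, the user authenticates or reuses a session at the login server, and a per-user token comes back in the redirect fragment. The `/oauth/authorize` path, the client ID, the redirect URI and the sample redirect are assumptions constructed for illustration.

```javascript
// Assumed authorization endpoint on the login host named in the thread.
const AUTHORIZE_URL = 'https://login.mypurecloud.com/oauth/authorize';

// Build the implicit grant request. Only the public client ID is sent;
// a client secret never belongs in browser code.
function buildImplicitAuthorizeUrl(clientId, redirectUri, state) {
  const url = new URL(AUTHORIZE_URL);
  url.search = new URLSearchParams({
    response_type: 'token', // implicit grant (RFC 6749, section 4.2.1)
    client_id: clientId,
    redirect_uri: redirectUri,
    state, // unguessable value, echoed back by the server
  }).toString();
  return url.toString();
}

// Parse the fragment the login server appends to redirect_uri
// (RFC 6749, section 4.2.2). The token belongs to whichever user
// authenticated, or already had a session, at the login server.
function parseImplicitRedirect(redirectedUrl, expectedState) {
  const fragment = new URL(redirectedUrl).hash.replace(/^#/, '');
  const params = new URLSearchParams(fragment);
  if (params.has('error')) {
    throw new Error('authorization failed: ' + params.get('error'));
  }
  // Reject responses that were not triggered by this page's own request.
  if (params.get('state') !== expectedState) {
    throw new Error('state mismatch: response does not match this request');
  }
  const accessToken = params.get('access_token');
  if (!accessToken) {
    throw new Error('no access_token in redirect fragment');
  }
  return {
    accessToken,
    tokenType: params.get('token_type'),
    expiresIn: Number(params.get('expires_in')),
  };
}

// Constructed sample redirect; the token value is a placeholder.
const SAMPLE_REDIRECT = 'https://crm.example.com/callback' +
  '#access_token=CONSTRUCTED_TOKEN&expires_in=86399&token_type=bearer&state=abc123';
```

Tim's and John's browsers each receive a different `access_token` from the same client ID, which is why `getUsersMe()` and the `v2.users.{id}.conversations` subscription are user-specific.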
