We are coming up with a requirement where in we need to consume/use SOAP API from a payment gateway. Just wanted to check if Genesys have any approach to do it which will be PCI compliant or anything in Genesys Road map to have access to SOAP API's.
Data Actions do not support XML or SOAP services; only JSON REST services are allowed. To integrate with a non-REST service, you will need to write a middleware service that exposes a proper REST interface that exclusively uses JSON payloads. That middleware can then process the incoming requests, communicate with other services, and return a JSON response to the data action. I believe there is software you can purchase (not from Genesys) that can wrap legacy technologies in modern JSON-based REST interfaces if you don't want to write it yourself.
XML, and therefore SOAP, was explicitly excluded from the Data Actions design as it is very old technology. However, you are still welcome to request new features and share your use case at https://purecloud.ideas.aha.io/ideas.
Specifically addressing the issue of PCI compliance, an AWS lambda would be an ideal mechanism for translating between XML and JSON. AWS lambdas are invoked using a cross account IAM Role assumption, and AWS has certified their Lambda service as being PCI compliant (https://aws.amazon.com/compliance/services-in-scope/). IIRC, our professional services team has implemented this sort of XML to JSON conversion in a lambda several times in the past.
Thanks for sharing the information and clearing our way to move forward.
We are now going with solution of using Lambda for JSON to XML conversion and vice versa.One more query before we are fully convinced and move forward this way, we would like have a 2 way SSL integration with the SOAP API (Payment Gateway). So does Genesys Cloud have capability of saving the SSL certificate while we make the API call to the payment gateway.
Also if you can share some reference docs or use case details for the conversion XML to JSON, it will be really helpful.
we would like have a 2 way SSL integration with the SOAP API (Payment Gateway). So does Genesys Cloud have capability of saving the SSL certificate while we make the API call to the payment gateway.
What you are describing sounds somewhat like "Mutual TLS", which we do support:
although it would only be between the Data Action service and the endpoint it directly connects to.
If you are asking for something else could you be more specific about what it is called or reference an RFC?
We are trying to access SOAP API(Payment gateway) using Lambda, but since interaction with the payment gateway should be using 2 way SSL ,We need to know how can we achieve this using Lambda acting as middleware.
I would not expect it to be possible to have a 2 way SSL connection between Genesys Cloud and the payment gateway with a lambda acting as middleware. The private certificate that Data Actions use to identify themselves can not be shared, so the lambda would not be able to use it to connect to the payment gateway.
You might be able to make the lambda setup 2 way SSL connections with both Genesys Cloud as well as the payment gateway to provide additional security. If/how that would be done is way outside of my experience.
Out of curiosity, could you share which payment gateway you are utilizing?
That is the general flow I was thinking of. As far as I know API gateway is only for handling incoming requests, so I don't think that #3 at the bottom or the note below it are accurate. I believe that the lambda would be directly connecting to the payment gateway.