SOAP webservice Data Action

Hi Team,

We are coming up with a requirement where in we need to consume/use SOAP API from a payment gateway. Just wanted to check if Genesys have any approach to do it which will be PCI compliant or anything in Genesys Road map to have access to SOAP API's.

We have gone through below link but again it states the conversion is not PCI compliant.
https://appfoundry.genesys.com/filter/purecloud/listing/e75e1f0b-49f8-4608-92a0-4887f57546a5

Regards,
Ameya

Data Actions do not support XML or SOAP services; only JSON REST services are allowed. To integrate with a non-REST service, you will need to write a middleware service that exposes a proper REST interface that exclusively uses JSON payloads. That middleware can then process the incoming requests, communicate with other services, and return a JSON response to the data action. I believe there is software you can purchase (not from Genesys) that can wrap legacy technologies in modern JSON-based REST interfaces if you don't want to write it yourself.

XML, and therefore SOAP, was explicitly excluded from the Data Actions design as it is very old technology. However, you are still welcome to request new features and share your use case at https://purecloud.ideas.aha.io/ideas.

Specifically addressing the issue of PCI compliance, an AWS lambda would be an ideal mechanism for translating between XML and JSON. AWS lambdas are invoked using a cross account IAM Role assumption, and AWS has certified their Lambda service as being PCI compliant (https://aws.amazon.com/compliance/services-in-scope/). IIRC, our professional services team has implemented this sort of XML to JSON conversion in a lambda several times in the past.

Hi Richard,

Thanks for sharing the information and clearing our way to move forward.

We are now going with solution of using Lambda for JSON to XML conversion and vice versa.One more query before we are fully convinced and move forward this way, we would like have a 2 way SSL integration with the SOAP API (Payment Gateway). So does Genesys Cloud have capability of saving the SSL certificate while we make the API call to the payment gateway.

Also if you can share some reference docs or use case details for the conversion XML to JSON, it will be really helpful.

Regards,
Ameya

Hi Ameya,

Can you expand on this:

we would like have a 2 way SSL integration with the SOAP API (Payment Gateway). So does Genesys Cloud have capability of saving the SSL certificate while we make the API call to the payment gateway.

What you are describing sounds somewhat like "Mutual TLS", which we do support:


although it would only be between the Data Action service and the endpoint it directly connects to.

If you are asking for something else could you be more specific about what it is called or reference an RFC?

--Jason

Hi Jason,

We are trying to access SOAP API(Payment gateway) using Lambda, but since interaction with the payment gateway should be using 2 way SSL ,We need to know how can we achieve this using Lambda acting as middleware.

Below is just a draft of flow we are expecting.

If we support can we have document with steps to save the certificates and use it in every lambda call we make.

Regards,
Ameya

I would not expect it to be possible to have a 2 way SSL connection between Genesys Cloud and the payment gateway with a lambda acting as middleware. The private certificate that Data Actions use to identify themselves can not be shared, so the lambda would not be able to use it to connect to the payment gateway.

You might be able to make the lambda setup 2 way SSL connections with both Genesys Cloud as well as the payment gateway to provide additional security. If/how that would be done is way outside of my experience.

Out of curiosity, could you share which payment gateway you are utilizing?

--Jason

Hi Jason,

Thanks for the response , we are utilizing JPMC payment gateway.

Also to keep this productive discussion moving ahead, Just confirm if below is the flow you are suggesting ?

Regards,
Ameya

Hi Ameya,

That is the general flow I was thinking of. As far as I know API gateway is only for handling incoming requests, so I don't think that #3 at the bottom or the note below it are accurate. I believe that the lambda would be directly connecting to the payment gateway.

--Jason

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.