I have seen this question being asked before but to be honest I didn't get the clear answer.
My JavaScript and Node code (that DOES NOT use express) creates a file at the end of a turn.
My final objective is to upload it to the storage in the particular directory. I need it to be automatic so implicit grant login is not an option.
What I have:
client v2 on .de domain
I have the id of the directory where I need to drop the file
absolute path to that file on a local machine
I am using Login Credentials Grant
What I know:
I know I need to use content Management API
I have read that loginCredentialsGrant will not work with this API, As i mentioned before , the implicit grant is not an option either and frankly I would prefer to do it the safest way possible to avoid instances overlapping (Or maybe I m being paranoid)
I really did not get the way the oAuth authorization grand flow and I would prefer to avoid installing additional npm packages like axios unless it really can improve the code size and readability
Can anyone give me a hand of how can I actually upload the file there?
So far my attempts gor stuck on this with a nice clean internal server error 500
As you've found, these things are directly at odds with each other. Content management APIs can only be used with user-based grant types, which means a headless service cannot use content management APIs. You can find more information about the implicit and auth code grants here: https://developer.genesys.cloud/api/rest/authorization/. If rearchitecting your app to be a web app or desktop app using a user grant isn't an option, you can request that content management APIs be made available to client credentials and share your use case at https://genesyscloud.ideas.aha.io/.
That is correct. A single oauth client can only have one grant type.
Hey Tim. Thank you very much for your clarification.
It is great to know my research was thorough but not great to hear that there will be an issue with achieving my goal.
I will consider sharing my case at the "ideas" thread but in the meantime as the deadlines never advance as fast as the time itself, I need help to find a workaround this issue.
Do you have any advice or a way for me to avoid this logging in issue.
Can, maybe , creating another user just for this purpose , help ? and what are the consequences if I create a new user? (I am asking because I do not know how many users can we create and is there some sort of financial dependency on amount of users. )
My advice is not to avoid it. Bypassing or misusing authorization or mishandling credentials (e.g. storing a user's credentials to spoof their presence in a service) is a security violation and is grounds to have your oauth client disabled. The only valid way to use the content management APIs is via a user-based application where a human has entered their credentials in the Genesys Cloud login screen to authorize the application.
If your requirement is to use content management APIs with client credentials, that is simply not possible in Genesys Cloud at this time and there is no workaround except to introduce a human into the app's flow.
Every user account consumes licenses, so you'd have to pay for the account. However, you still have to have a human present to complete a user-based auth flow so creating extra accounts doesn't change the situation.
Indeed I was asking all these things in order to stay on the right side of the law.
On that matter , is using axios oauth technology considered violation or there is nothing wrong with that ?
I mean I can't see why would it be but as a junior I've learned there are no bad questions
Correct. The auth code grant (<-- refer to the diagrams) requires the user to interact with the login server in a web browser to provide their credentials. Then a code is given to the backend service to exchange for a token to make API requests. That code can only be generated as a result of a human entering their credentials into the login server's UI in a web browser.
Either you're using client credentials or you're a human that enters your credentials when prompted. Authenticating leaves an auth cookie that allows for automatic reauthentication later. So if you're using an implicit or auth code grant in postman and getting new tokens without being challenged for your credentials, it's because of that auth cookie. There's still a human being challenged via web browser, it can just complete automatically without you seeing it sometimes.
I was thinking to raise a ticket on the genesys ideas as you suggested in the 1st response but I do not really understand how to create an account there cause my credentials don't work.
How do I login to pass the issue there?
A bit off- topic here but Its regarding the thread so I will just leave it here.
Thank you in advance,
Roman
You can find information about designated Care contacts and how to open cases with Care here: https://help.mypurecloud.com/articles/contact-genesys-cloud-care/. If you don't have the requisite account to access care, someone else in your organization will need to open the case on your behalf.
