Hello everyone, In genesys documentation
the service in the API "/api/v2/integrations/clientapps" show me that GET type requests are allowed.
However, when the same API service is validated in the browser console, it tells me that GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH requests are allowed, as seen in the image
Based on the above, I want to validate Why the other requests are allowed, since the client is making an observation about this.
I believe you're referring to the CORS header in the response; that is not a stand-in for API documentation. The API documentation at the link you posted is the correct place to determine which API endpoints exist for you to use.
To add to Tim's response. We only publicly document the GET operation for that API, but it doesn't mean that the other verbs are not implemented. Most likely they are but are only available for internal Genesys Cloud use. Although most of our APIs are publicly available we do have internal APIs that we do not expose.
If your client has concerns about this then they should reach out to their Genesys Account team and they discuss how Genesys security tests our platform and APIs.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
