Authenticating with RC using server-only (No UI). Company has SSO enabled

  • 16 December 2020
  • 4 replies


I am developing a 100% back-end app (no UI components) in our company's CRM/ERP cloud solution called NetSuite (similar to salesforce if you haven't heard of it).

This script will run 100% in the background on a schedule. Its purpose is to reach out to ring central's API, retrieve text messages that were sent in the last 24 hours, and store those in NetSuite so that an employee can look at a customer's page and see the text message history with that customer (whether or not they were the rep who was texting the customer themeslves).

Our company has the following SSO setting in ring central production:

Allow Users To Log In with SSO or Ring Central Credential

Am I still able to use the password grant type in this case? If not, how can I authenticate with ring central's API? A 3-legged Oauth 2.0 would not make sense because there are no client-facing components to this.


4 replies

Yes, with that setting, you can have an app with password flow authentication.

where can I see this setting? I would like to know if we have the same setting. We are currently using SSO but I'm trying to build a backend process to download the call logs and I being told that I have to use SSO but within the Ringcentral API OAuth calls I don't have a redirect URI and this is a process with no end users to type in the credentials in a redirect URI page.

@Phong Vu Just wanted to thank you for the response, it was really helpful. I'd been told by multiple RC devs via email that it wasn't possible to do this, but it ultimately was possible.

RM - here's where that setting is for me:

In the ring central admin portal, click the 'More' tab, and it's under 'Security and Compliance' -> Single Sign-on

My 'Manage Your Login' says 'Allow users to log in with SSO or RingCentral credential'

thanks @Netsuite Dev... unfortunately my company's setting is set to SSO only.

So now I need to determine if is possible to use RingCentral API with SSO authentication without user prompting. Using API calls for backend processing.