There are 2 options
1/ You collect the JWT of each user and when that user loads the page, use his JWT token to get the access token and make a ring-out call.
2/ Implement 3-legged authorization so that it requires a user to login with their own RingCentral username/password. Once the user logged in, you get the access token and use it to call the ring-out API.
It would be helpful if you could provide us a working example(maybe a github link to project) for "Implementing 3-legged authorization". That would be much helpful in addition to api docs.
Ok, I tried the authorization code flow (Authorization code flow (ringcentral.com) and the callback successfully happens to the redirect_uri mentioned below after sign in on the ringCentral portal
https://platform.ringcentral.com/restapi/oauth/authorize?response_type=code&redirect_uri=http://localhost:53891/api/RingCentral/GetRingCentralCallback&prompt=login&client_id={clientId}&state=Create
Once we get the code at the callback url mentioned above, when we post to /restapi/oauth/token with post data, it seems to fail with the following response:
{ "error" : "invalid_client", "errors" : [ { "errorCode" : "OAU-153", "message" : "Invalid client: {clienId}", "parameters" : [ { "parameterName" : "client_id", "parameterValue" : "{clientId}" } ] } ], "error_description" : "Invalid client: {clientId}" }
I am using the same ClientId which is been passed to /restapi/oauth/authorize endpoint.
Below is the C# code for retrieving the token
string postData = "grant_type=authorization_code&code=" + code + "&client_id=" + rcOAuthClientId;
var rcAuthKey = CommanFunction.StrEncrypt(rcOAuthClientId + ":" + rcOAuthClientSecret);
var header = new WebHeaderCollection();
header.Add("Authorization", $"Basic {rcAuthKey}");
header.Add("ContentType", "application/x-www-form-urlencoded");
var result = HttpReqCall.Request(WebRequestMethods.Http.Post, rcAuthUrl, postData, header, "application/x-www-form-urlencoded");
Is this anything wrong which i am doing?