Skip to main content

Is there a preferred flow for a server to server application acting on behalf of multiple users or a way to grant a token as an admin on an account?


I want to create a subscription for events on multiple extensions but seems like I would need to auth and maintain a token for each user or have each user manually login and create their own token that I need to manage and store? Is there a smooth and preferred way that I can allow a single auth flow to give me access to multiple extensions and be able to act on those extensions via subscriptions and call control?


It really depends on what you app does and who it serves. Is it a private app or a public app?

In any use case, if you want the user to login just once and use your app forever, then you must keep the access token and the refresh token of each user and keep the refresh token valid as long as the user stay logged in. By default, a refresh token will expire after 7 days. And you will get a new refresh token every time you use it to get a new access token, and the expiration time will be set again for 7 days. Thus, you have to keep the entire tokens returned from the platform and set a timer to automatically refresh the tokens if the user or your app stays idle for more than 6 days.

To your other question about either using a super admin extension token or each individual extension token. It depends on what your app is doing. If you only need to read e.g. the call log or the message store of each user extension, then login with a super admin user credentials to read data of other extension is enough, provided that you have your own way to recognize which user extension to read. But if you want to control calls or you want to send SMS from a particular user extension, then you must use the access token of that user extension to perform the operation. In other words, a super admin cannot perform certain operations on behalf of other user extensions.


Reply