As developer with a “Super Admin” role, and logged in to the developer portal as myself, I created an RC app with JWT authentication. Our database uses the API to send automated SMS/MMS messages, for which I use the app’s ClientID, ClientSecret, and JWT auth.
If I send an SMS “from” a phone number connected to my extension, it gets sent with no problem. But I’m not the user, just a developer. If I send with extensionID of “~”, I get error “ "Phone number doesn't belong to extension". And if I set extensionID to the specific user’s actual extensionID, I get the error message explained by
But what I don’t understand is HOW to authenticate with the correct extension’s username and password. Do I have to explain to the agent how to log into the developer portal and create their own app in order to provide me with their own ClientID and ClientSecret? Or are they expected to provide me with their personal username and password and I use the Base64 capture of that for the ‘Basic’ authorization header (which would break every time they change their password)? Or… ?
I thought the whole idea of creating an app as Super Admin was that the combination of clientID, secret, and JWT cert was enough to authenticate across all of the company’s SMS phone numbers… no?