I develop an application that creates webhook to monitor various call states using /restapi/v1.0/account/~/telephony/sessions event filter. For the development I use sandbox account. I got credentials (Client Id, Client Secret) for my application. My application don't have UI and supposed to run on the server so I use chose JWT Auth flow and create JWT token for my Developer account. So in order to authorize I need to provide all 3 above parameters to initialization and authorization functions. All works fine with the sandbox account.
As a next step I would like my application to be able to monitor call states of different customers that have account at RingCentral platform. In this regard, I have a number of questions:
1. Do I have to set my application type to 'public' to make it accessible by RingCentral customers?
2. To access call states information of my account I use Client Id, Client Secret that belong to my application and developer JWT token that belong to my developer account.
How my application can access another customer account information? Should it use Client Id, Client Secret of my application but JWT token from another customer developer account? Should customer just share JWT token of the developer account with me?
3. In order to deploy my application to production and let it be used by RingCentral customers it needs to go through app graduation process, promotion in App Gallery is not necessary?