To homepage To homepage
Solved

Webhook subscription keeps working even after removing all permissions

  • 30 September 2022
  • 2 replies
  • 280 views
N

Hi Community,

I have questions regarding app graduation. We have a app that gets telephony session notifcations through webhooks. We use just one filter: /restapi/v1.0/account/~/telephony/sessions

1. For testing purposes we removed all permissions from the app, but we still be able to subscribe/unsubscribe to/from the notifications and receive them. How is this possible? What is the reason for giving 'WebhookSubsciption' and 'CallControl' permissions to the app then?

2. We have similar situation: https://community.ringcentral.com/questions/109339/exercise-all-requested-permissions-not-met-even-th.html. We need to detect call states such as call start, hold, unhold and call end. From the response in above thread I understood that to pass graduation we only need to subscribe/unsubscribe several times and we only need 'WebhookSubscrition' permission set for the application. So why do we need then 'CallControl' permission at all?

Best,

Nikolai Chashchin


icon

Best answer by Phong1426275020 30 September 2022, 18:02

View original

2 replies

Phong1426275020
Rank
Userlevel 1

1. That's weird and it should not be working if the app does not have any app permission. I will test to verify this later.

2. Out of my head, I don't have the reason behind the requirement of the CallControl permission for only receiving the telephony session events. But unfortunately, it is the current requirement and I know that it causes trouble to app developers to meet the app graduation requirement for such a use case. For now, you need to implement some extra features to exercise the CallControl permission. Here is a simple one in Node JS.

// Within your Webhook callback function
...
hangupCall(body.telephonySessionId)
...


async function hangupCall(telSesId){
    try{
      await platform.delete(`/restapi/v1.0/account/~/telephony/sessions/${telSesId}`)
    }catch(e){
      console.log(e.message)
    }
}

Then make a few incoming calls to the phone number of a user extension who is authenticated to use your app.

N

Thank you!

Reply


Terms & ConditionsCookie settings
PRODUCTS
RingEX
Message
Video
Phone
OPEN ECOSYSTEM
Developer Platform
APIs
Integrated Apps
App Gallery
Developer support
Games and rewards

RESOURCES
Resource center
Blog
Product Releases
Accessibility
QUICK LINKS
App Download
RingCentral App login
Admin Portal Login
Contact Sales
© 1999-2024 RingCentral, Inc. All rights reserved. Privacy Notice