Dear Community,
I develop an application that creates webhook to monitor various call states using /restapi/v1.0/account/~/telephony/sessions event filter. For the development I use sandbox account. I got credentials (Client Id, Client Secret) for my application. My application don't have UI and supposed to run on the server so I use chose JWT Auth flow and create JWT token for my Developer account. So in order to authorize I need to provide all 3 above parameters to initialization and authorization functions. All works fine with the sandbox account.
As a next step I would like my application to be able to monitor call states of different customers that have account at RingCentral platform. In this regard, I have a number of questions:
1. Do I have to set my application type to 'public' to make it accessible by RingCentral customers?
2. To access call states information of my account I use Client Id, Client Secret that belong to my application and developer JWT token that belong to my developer account.
How my application can access another customer account information? Should it use Client Id, Client Secret of my application but JWT token from another customer developer account? Should customer just share JWT token of the developer account with me?
3. In order to deploy my application to production and let it be used by RingCentral customers it needs to go through app graduation process, promotion in App Gallery is not necessary?
Thank you!
Best,
Nikolai
See my answer inline below:
1. Do I have to set my application type to 'public' to make it accessible by RingCentral customers?
A. Yes, a public application is required to serve multiple customers (accounts).
2. To access call states information of my account I use Client Id, Client Secret that belong to my application and developer JWT token that belong to my developer account.
How my application can access another customer account information? Should it use Client Id, Client Secret of my application but JWT token from another customer developer account? Should customer just share JWT token of the developer account with me?
A. Normally, for a public application, you should choose a 3 legged authentication for your customers to login, after a customer logs in, you can save the refresh token and use it to refresh the access token to access that customer's account. Since your app does not have the UI for the users to login, you can use JWT for your public app. This means that you must give your customers your app client id, and ask them to generate a JWT token for that app for their account and pass the JWT token to you and you will save that JWT token safely and use it to get access token to access that customer's account. Remember to ask them creating a JWT for a user who has enough permissions required by your app. E.g. if your app requires an admin user to read the company call log (the entire account call log), the JWT token must be generated by a super admin (or a user with the Read Account call log user permission).
3. In order to deploy my application to production and let it be used by RingCentral customers it needs to go through app graduation process, promotion in App Gallery is not necessary?
A. Yes, you need to test and satisfy the app graduation requirements. Since you are using the telephony session event notification which requires the Call Control app permission. It's a bit tricky to satisfy that permission if you don't call any other API that requires that permission. As a walk-around solution, you can just simply add some extra code to exercise the permission. E.g. you can detect incoming call, then call the Reject Call Party to reject the call. This will consider as exercising the Call Control permission and thus, will help you move forward to graduate your app. Or, alternatively, when you are done with testing and cannot see the Submit button active, open a dev support ticket to ask for manual graduation.
For publishing your app on the App Gallery, it is not required but think about it as a channel to promote your app to reach more RingCentral customers. However, you will need a front page to provide app features as well as requirements (such as how to setup, generate and pass the JWT token etc.)
A new Community is coming to RingCentral!
Posts are currently read-only as we transition into our new platform.We thank you for your patience
during this downtime.
Try Workflow Builder
Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!Try RingCentral Workflow Builder
