I've been developing software professionally for 16+ years, and have never come across an API policy quite like RingCentral's.
Specifically this policy: https://devcommunity.ringcentral.com/ringcentraldev/topics/how-can-i-add-new-permissions-to-an-app-w...
Makes no sense at all to me. The post explains the "how" but not the why. Please help me understand why this crazy amount of hoops is needed to work with your API?
Here's my history with this, and why it's so frustrating:
- We had to switch to RingCentral quickly from another phone provider, so we needed to implement RingCentral's API as quickly as possible, to download call logs and recordings.
- Our phone numbers/etc were already switched over to RingCentral and collecting data/processing calls.
- I can't access the production data.. nope. I have to go through the sandbox and am told I need to create my own phone call data/recording data to test with. What? Why isn't there test data provided?
- Also discover that apps are only graduated once a week (Thursdays) after the team reviews them. What? Why is a team needed? Why only once a week?
- My code was sitting waiting to talk to production, yet I had to jump through other hoops (you have to make a certain number of successful requests on ALL permissions/endpoints in order to even request your app be reviewed). I just emailed the dev support email until my app was finally put into production.
- Fast forward a few weeks, and we need to start actually downloading recordings. I try and do it, and get an access denied. Come to find out we need a special hidden API permission to do this. Email dev support over and over until they finally give me the permission on production app.
- And now, today, I find in order to download voicemail data, I will need a new permission on my app. If I want to follow the rules, I'll have to go through a ton of work just to get this new permission, and I'll have to switch out all my app credentials to "go live". What a mess.
Can someone explain to me the purpose of all this? It's completely frustrating and maddening, and almost made our company bail on using RingCentral-- and maybe we're not a "huge" contract to you guys but we're easily a $3-4k/month contract.
I've literally never had to deal with API "graduation" requirements like RingCentral has. I understand locking down permissions on an app-- and that's great! But don't treat me like a child when I need more permissions from the API, and make me waste my development time on trying to get fake data into your sandbox, and query on the fake data a certain amount of times. It's insulting.
I'd like to either start a real dialog about why this policy exists, and if we can get it changed, at least for some users (like myself) who are "power users" and know how to integrate with an API. At the very least, I need the "ReadMessages" permission added to my existing app in my account.