We are looking at building an app to archive our call recordings and SMS messaging in an on premise database.
I have a question about the various auth flows available in the API. For the background, our business is such that we are required by law to record all of our communications with our clients. To that end, the 3 legged OAuth flow that is compatible with SSO, also gives end users the choice whether to have their communications archived. This is not appropriate and is not an option.
At the same time, policy is that all systems we use that contain client / customer data must be protected by multi factor authentication. The password type authentication flow is not compatible with our current SSO + MFA solution (Office 365 SAML in our case).
Is there an auth flow in the API that will give us the access we need that is also compatible with SSO?