How to authenticate with a Vonage Contact Center (VCC) API - Vonage Contact Center APIs - Confluence
2024.12.12 21:05Vonage Contact Center Product Documentation Spaces Apps Templates Create
Vonage Contact Center APIs
All content Calendars Space settings Content Results will update as you type. Developer portal guides Developer portal documentation Authentication API Documentation (Authentication API) API reference (Authentication API) Guides (Authentication API) • How to authenticate with a Vonage Contact Center (VCC) API Agent Availability API Agents API Conversation Analyzer API Insights Stats API Interaction Content API Interaction Content Export API Interactions API Payment API User Admin API Webhooks API V0 APIs Vonage Contact Center APIs / / Guides (Authentication API) / How to authenticate with a Vonage Contact Center (VCC) APIHow to authenticate with a Vonage Contact Center (VCC) API
Helen Griffith Owned by Helen Griffith Last updated: Oct 29, 2024 Loading dataThis guide describes how to get a bearer access token to authenticate your requests through our regional API gateway.
To use any VCC API, you need a bearer access token. Your bearer access token authenticates your request to the API. The API can check that you are authorized to make your specific request.
In this page
Getting a bearer access token
To get a bearer access token, you first need to get API credentials from VCC. Using these API credentials you can then request a bearer access token.
Scopes
Scopes define which API, or APIs, and resources your API credentials can access and what actions you can perform using the API with these credentials. You specify one or more scopes when you create your credentials. When you request a bearer access token for your credentials, you need to specify which one of the scopes the token is for.
The scope for API credentials for most VCC APIs is in the format object:action . For example, agents-availability:read gives read access resources in the Agents Availability API, and interaction-content:read gives read access to interactions returned by the Conversation Analyzer API.
API Scope description (as in API Credentials) Scope value (in API requests) Agent Availability API View agent availability agents-availability:read Agents API Read VCC user details, settings, and presences users:read Update VCC user details, settings, and presences users:write Conversation Analyzer API Read or download interaction content interaction-content:read Insights Stats API View Insights stats stats Interaction Content API and Interaction Content Export APIDelete interaction content (e.g. call recordings, transcripts)
interaction-content:deleteRead or download interaction content
Includes scheduling an export of interaction content from Vonage Contact Center to an external storage provider interaction-content:read Interactions APICreate and update active interactions
interactions:write Payment API Create secure payment sessions globalpci User Admin APIRead VCC user details, settings, and presences
users:read
Update VCC user details, settings, and presences users:write Webhooks API Read VCC administration settings admin:read Update VCC administration settings admin:writeGetting API credentials from VCC
To make calls to an API, you require API credentials which authenticate your request.
Your API credentials consist of:
your client ID. Your client ID identifies who you are, a bit like a user name. your client secret. Your client secret is a password that’s generated by VCC.If you do not already have API credentials, you will need to create them in API Admin. For information about creating new API credentials, see the Creating new API credentials section in this page.
If you already have API credentials and want to reuse these for an additional scope, you can add that scope to your existing credentials. For information about adding a new scope to existing API credentials, see the Adding a scope to your existing API credentials section in this page.
Creating new API credentials
To create API credentials for your account, perform the following steps:
1. Log in to the VCC Admin Portal and go to API Credentials . (If API Credentials does not appear, contact VCC support.)
Click Create New . Create API Credentials appears.
2. Provide the following information:
Field Description Name A name to identify the credentials later. We recommend that you use a name that describes the credential’s intended use. Type a name for the credentials. You can edit this later. ScopesThe scope or scopes that you want these API credentials to work with.
In the Scopes list, click to see the available scopes.
Click the name of the scope to add it.
Click x alongside the scope name to remove it.
Add as many scopes as you like to your API credentials. See the documentation for individual APIs to see which scopes you will require.
You can edit the list of scopes later.
3. Click Save API credential . A Success message appears and your new credentials appear.
Copy and save your client ID and secret; you cannot retrieve them later. You will need your client ID and client secret every time you make a call to authenticate with a VCC API.
4. Click OK . Your new credentials appear without the secret in API Credentials .
Adding a scope to your existing API credentials
If you already have API credentials for a VCC API, you can add other scopes to these credentials. A new scope might give you access to another API, or give you additional access to an API you can already use. From API Credentials , click to open the API credentials you wish to add a scope to. Add scopes as required.
Requesting your bearer access token
Using a tool for making API requests, send your client ID and secret in the request body to the token endpoint. The URL for the token endpoint is https://***.cc.vonage.com/Auth/connect/token, where *** represents a regional subdomain:
Region URL subdomain Base URL EMEA emea https://emea.cc.vonage.com USA nam https://nam.cc.vonage.com APAC apac https://apac.cc.vonage.comReplace *** with the correct subdomain for your region.
The request body requires the following parameters:
Parameter Description Example value grant_type A grant type of client credentials indicates that you are using OAuth 2.0 for authorization. client_credentials client_id The client ID provided by VCC. The ID identifies you. abcde client_secret The client secret provided by VCC. The secret is like a password. 12345 scope The value of scope determines the API and endpoints with which the bearer access token can be used. See the documentation for individual APIs and endpoints for information about the scope they require. agents-availability:readExample request
The following examples specify scope=agents-availability:read ; the token returned will be for use with the Agents Availability API. To get a bearer access token for a different API, change the scope accordingly.
cURL
curl -X POST \ https://emea.cc.vonage.com/Auth/connect/token \ -H 'content-type: application/x-www-form-urlencoded' \ -d 'grant_type=client_credentials&client_id=abcde&client_secret=12345&scope=agents-availability%3Aread' HTTP
Response
All requests to the token endpoint return various standard HTTP headers, including the response status code, and a response body in JSON format.
A successful request returns a HTTP response status code of 200 and a bearer access token. You can use the token to authenticate requests to the VCC API you specify in the scope request body parameter.
Token is returned in JSON format:
{ access_token : eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Inh0QTYyRXpEdW1 , expires_in : 7200, token_type : Bearer }Using a bearer access token
When you have got your bearer access token, use the token to authenticate every request you make to a VCC API.
Using a tool for making API requests, send your bearer access token in the authorization header in your request. You must provide the Bearer keyword to specify that you are using bearer authentication. The following examples call the Get agents-availability endpoint in the Agents Availability API. The bearer access tokens have been replaced with access_token .
The root URL for VCC APIs is https://***.api.cc.vonage.com , where *** represents a regional subdomain. URLs in the example code use in place of the region. To access the API for your region, replace with the correct subdomain for your region.
cURL
curl -X GET \ 'https://emea.api.cc.vonage.com/agents-availability?skillNames=French%2CEnglish' \ -H 'accept: application/vnd.newvoicemedia.v1+json' \ -H 'authorization: Bearer access_token ' \ -H 'content-type: application/json'HTTP
GET /agents-availability?skillNames=French,English HTTP/1.1 Host: emea.api.cc.vonage.com Content-Type: application/json accept: application/vnd.newvoicemedia.v1+json authorization: Bearer access_tokenBest practices
The following tips help you get the most out of your bearer access token:
By default, your token expires after 15 minutes. You can reuse your token as many times as you like (within any API limits set on your account) during that time. To reuse your token you can cache it until the expiry date time provided in the token. To avoid errors being returned by your API request due to an expired token, intercept 401 Unauthorized errors with a The access token is invalid or has expired message that your request receives when you use your cached token. If you receive such a message, request a new token and replace the stored value with the new one.
For information, see Trying out Vonage Contact Center APIs .
{"serverDuration": 36, "requestCorrelationId": "0e2be73795be4177a2ec42b4dd92db3c"}