Genesys Cloud
Deprecation: Access control based on role name
| Announced on | Effective date | Aha! idea |
|---|---|---|
| 2017-08-09 | 2017-11-15 | - |
Currently there are still endpoints in public API that allow access to users that are assigned a role of a specific name. This functionality will be removed and access only granted for users with correct permissions. Certain views in the Genesys Cloud UI do interact with these endpoints, so even users who only use the UI may be affected.
On August 9, 2017, Genesys will:
- Remove public APIs that allow access to users that are assigned a role of a specific name documentation from the Resource Center.
On November 15, 2017 Genesys will:
- No longer allow access in public API by checking that users are assigned a role of a specific name.
- Remove the feature from Genesys Cloud.
FAQs
Am I affected?
Most likely not. Genesys continually monitors for access based on role names and our support and account management teams work with customers to rectify the issue.
Which APIs are affected by the deprecation?
Below is a list of public API endpoints that will be changed, along with the permissions that will be required for access and the role names that currently allow access.
| API endpoint | Verbs | Required permission | Allowed role name | Functionality |
|---|---|---|---|---|
| API endpoint | Verbs | Required permission | Allowed role name | Functionality |
| api/v2/analytics/conversations/aggregates/query | GET | analytics:conversationAggregate:view | supervisor | View analytics conversation aggregate data. |
| api/v2/analytics/conversations/details/query | GET | analytics:conversationDetail:view | supervisor | View analytics conversation detail data. |
| api/v2/analytics/conversations/{conversationId}/details | GET | analytics:conversationDetail:view | supervisor | View analytics conversation detail data. |
| api/v2/analytics/conversations/{conversationId}/details/properties | POST | analytics:conversationProperties:index | supervisor | Index analytics conversation properties data. |
| api/v2/analytics/evaluations/aggregates/query | GET | analytics:evaluationAggregate:view | supervisor | View analytics evaluation aggregate data. |
| api/v2/analytics/queues/observations/query | GET | analytics:queueObservation:view | supervisor | View analytics queue observation data. |
| api/v2/analytics/users/aggregates/query | GET | analytics:userAggregate:view | supervisor | View analytics user aggregate data. |
| api/v2/analytics/users/details/query | GET | analytics:userDetail:view | supervisor | View analytics user detail data. |
| api/v2/analytics/users/observations/query | GET | analytics:userObservation:view | supervisor | View analytics user observation data. |
| api/v2/architect/ivrs | GET, POST | telephony:plugin:all | admin, telephonyAdmin | Create an IVR or view a list of IVRs. |
How can I prepare for the feature removal?
If we identify your organization as one that needs to be fixed, a Genesys employee will reach out to you. However, Genesys only becomes aware that an organization needs to be fixed based on user activity, so we may not be able to identify all potentially affected organizations and users. An administrative user from your organization should review the configuration of your organization’s roles and ensure that users who need the listed functionality have roles with the correct permissions.
What if I need help or have questions?
For information on how to contact support, see Genesys Cloud Customer Care.
