Genesys Cloud
Deprecation: Access control based on role name
Announced on | Effective date |
---|---|
2017-08-09 | 2017-11-15 |
Currently there are still endpoints in public API that allow access to users that are assigned a role of a specific name. This functionality will be removed and access only granted for users with correct permissions. Certain views in the Genesys Cloud UI do interact with these endpoints, so even users who only use the UI may be affected.
On August 9, 2017, Genesys will:
- Remove public APIs that allow access to users that are assigned a role of a specific name documentation from the Resource Center.
On November 15, 2017 Genesys will:
- No longer allow access in public API by checking that users are assigned a role of a specific name.
- Remove the feature from Genesys Cloud.
FAQs
Am I affected?
Most likely not. Genesys continually monitors for access based on role names and our support and account management teams work with customers to rectify the issue.
Which APIs are affected by the deprecation?
Below is a list of public API endpoints that will be changed, along with the permissions that will be required for access and the role names that currently allow access.
API endpoint | Verbs | Required permission | Allowed role name | Functionality |
---|---|---|---|---|
API endpoint | Verbs | Required permission | Allowed role name | Functionality |
api/v2/evaluations/favoritetemplates/{templateId} | DELETE | quality:evaluationForm:edit | qualityAdmin | Remove a question template from the favorites toolbar. |
api/v2/evaluations/favoritetemplates | GET, POST | quality:evaluationForm:edit | qualityAdmin | Get a list of question templates from the favorites toolbar or add a question. |
api/v2/evaluations/templates/{templateId} | DELETE, GET, PUT | quality:evaluationForm:edit | qualityAdmin | Delete, view, or edit a question template. |
api/v2/evaluations/templates | GET, POST | quality:evaluationForm:edit | qualityAdmin | Get a list of question templates or create a new question template. |
api/v2/recording/mediaretentionpolicies | DELETE | recording:retentionPolicy:delete | qualityAdmin | Bulk delete media retention policies. |
api/v2/recording/mediaretentionpolicies | GET | recording:retentionPolicy:view | qualityAdmin | Get a list of media retention policies. |
api/v2/recording/mediaretentionpolicies | POST | recording:retentionPolicy:add | qualityAdmin | Create a media retention policy. |
api/v2/recording/mediaretentionpolicies/{policyId} | DELETE | recording:retentionPolicy:delete | qualityAdmin | Delete a media retention policy. |
api/v2/recording/mediaretentionpolicies/{policyId} | GET | recording:retentionPolicy:view | qualityAdmin | View a media retention policy. |
api/v2/recording/mediaretentionpolicies/{policyId} | PATCH | recording:retentionPolicy:edit | qualityAdmin | Edit a media retention policy. |
api/v2/recording/mediaretentionpolicies/{policyId} | PUT | recording:retentionPolicy:edit | qualityAdmin | Edit a media retention policy. |
api/v2/conversations/{conversationId} | GET | conversation:communication:view ** | admin, supervisor, qualityEvaluator | View another users’s conversation. |
api/v2conversations/*/{conversationId}/participants/{participantId} | PATCH | conversation:call:record *** | supervisor | |
api/v2/languages/{languageId} | DELETE, GET | routing:skill:manage | admin, supervisor, agent | View or delete a language. |
api/v2/languages | GET, POST | routing:skill:manage | admin, supervisor, agent | Ceate a language or get a list of languages. |
api/v2/quality/forms/{formId} | DELETE | quality:evaluationForm:delete | qualityAdmin | Delete an evaluation form. |
api/v2/quality/forms/{formId} | GET | quality:evaluationForm:view | qualityAdmin | View an evaluation form. |
api/v2/quality/forms/{formId} | PUT | quality:evaluationForm:edit | qualityAdmin | Edit an evaluation form. |
api/v2/quality/forms/{formId}/versions | GET | quality:evaluationForm:view | qualityAdmin | View an evaluation form’s revisions. |
api/v2/quality/forms | GET | quality:evaluationForm:view | qualityAdmin | Get a list of evaluation forms. |
api/v2/quality/forms | POST | quality:evaluationForm:create | qualityAdmin | Create an evaluation form. |
api/v2/quality/publishedforms/{formId} | GET | quality:evaluationForm:view | qualityAdmin | Get a published evaluation form. |
api/v2/quality/publishedforms | GET | quality:evaluationForm:view | qualityAdmin | Get a list of published forms. |
api/v2/quality/publishedforms | POST | quality:evaluationForm:create | qualityAdmin | Publish an evaluation form. |
api/v2/routing/languages/{languageId} | DELETE, GET | routing:skill:manage | admin, supervisor, agent | View or delete a language. |
api/v2/routing/languages | GET, POST | routing:skill:manage | admin, supervisor, agent | Ceate a language or get a list of languages. |
api/v2/routing/skills/{skillId} | DELETE, GET | routing:skill:manage | admin, supervisor, agent | View or delete a skill. |
api/v2/routing/skills | GET, POST | routing:skill:manage | supervisor | Ceate a language or get a list of skills. |
api/v2/analytics/conversations/aggregates/query | GET | analytics:conversationAggregate:view | supervisor | View analytics conversation aggregate data. |
api/v2/analytics/conversations/details/query | GET | analytics:conversationDetail:view | supervisor | View analytics conversation detail data. |
api/v2/analytics/conversations/{conversationId}/details | GET | analytics:conversationDetail:view | supervisor | View analytics conversation detail data. |
api/v2/analytics/conversations/{conversationId}/details/properties | POST | analytics:conversationProperties:index | supervisor | Index analytics conversation properties data. |
api/v2/analytics/evaluations/aggregates/query | GET | analytics:evaluationAggregate:view | supervisor | View analytics evaluation aggregate data. |
api/v2/analytics/queues/observations/query | GET | analytics:queueObservation:view | supervisor | View analytics queue observation data. |
api/v2/analytics/users/aggregates/query | GET | analytics:userAggregate:view | supervisor | View analytics user aggregate data. |
api/v2/analytics/users/details/query | GET | analytics:userDetail:view | supervisor | View analytics user detail data. |
api/v2/analytics/users/observations/query | GET | analytics:userObservation:view | supervisor | View analytics user observation data. |
api/v2/stations/{stationId}/associateduser | DELETE | telephony:plugin:all | admin, telephonyAdmin | Unassign a user assigned to a station. |
api/v2/locations/{locationId} | GET | telephony:plugin:all | admin, telephonyAdmin | View a location. |
api/v2/geolocations/settings | PATCH | telephony:plugin:all | admin, telephonyAdmin | Update an organizations’ Geolocation Settings. |
api/v2/telephony/providers/edges/* | (ANY) | telephony:plugin:all | admin, telephonyAdmin | Manage telephony edges. |
api/v2/voicemail/policy | GET, PUT | telephony:plugin:all | admin, telephonyAdmin | View or update voicemail policies. |
api/v2/voicemail/userpolicies/{userId} | GET, PATCH | telephony:plugin:all | admin, telephonyAdmin | View or update a user’s voicemail policy. |
api/v2/architect/ivrs/{ivrId} | DELETE, GET, PUT | telephony:plugin:all | admin, telephonyAdmin | Delete, view, or edit an IVR. |
api/v2/architect/ivrs | GET, POST | telephony:plugin:all | admin, telephonyAdmin | Create an IVR or view a list of IVRs. |
api/v2/architect/schedulegroups/{scheduleGroupId} | DELETE, GET, PUT | telephony:plugin:all | admin, telephonyAdmin | Delete, view, or edit a schedule group. |
api/v2/architect/schedulegroups | GET, POST | telephony:plugin:all | admin, telephonyAdmin | Create a schedule group or view a list of schedule groups. |
api/v2/architect/schedules/{scheduleId} | DELETE, GET, PUT | telephony:plugin:all | admin, telephonyAdmin | Delete, view, or edit a schedule. |
api/v2/architect/schedules | GET, POST | telephony:plugin:all | admin, telephonyAdmin | Create a schedule or view a list of schedule. |
api/v2/users/{userId}/station/defaultstation/{stationId} | PUT | telephony:plugin:all | admin, telephonyAdmin | Set a user’s default station. |
api/v2/users/{userId}/station/defaultstation/ | DELETE | telephony:plugin:all | admin, telephonyAdmin | Clear a user’s default station. |
How can I prepare for the feature removal?
If we identify your organization as one that needs to be fixed, a Genesys employee will reach out to you. However, Genesys only becomes aware that an organization needs to be fixed based on user activity, so we may not be able to identify all potentially affected organizations and users. An administrative user from your organization should review the configuration of your organization’s roles and ensure that users who need the listed functionality have roles with the correct permissions.
What if I need help or have questions?
For information on how to contact support, see Genesys Cloud Customer Care.