Deprecation: Access control based on role name


Announced on Removal begins
August 9, 2017 November 15, 2017

Currently there are still endpoints in public API that allow access to users that are assigned a role of a specific name. This functionality will be removed and access only granted for users with correct permissions. Certain views in the PureCloud UI do interact with these endpoints, so even users who only use the UI may be affected.

On August 9, 2017, Genesys will:

  • Remove public APIs that allow access to users that are assigned a role of a specific name documentation from the Resource Center.

On November 15, 2017 Genesys will:

  • No longer allow access in public API by checking that users are assigned a role of a specific name.
  • Remove the feature from PureCloud.

FAQs

Am I affected?

Most likely not. Genesys continually monitors for access based on role names and our support and account management teams work with customers to rectify the issue.

Which APIs are affected by the deprecation?

Below is a list of public API endpoints that will be changed, along with the permissions that will be required for access and the role names that currently allow access.

API endpoint Verbs Required permission Allowed role name Functionality
API endpoint Verbs Required permission Allowed role name Functionality
api/v2/evaluations/favoritetemplates/{templateId} DELETE quality:evaluationForm:edit qualityAdmin Remove a question template from the favorites toolbar.
api/v2/evaluations/favoritetemplates GET, POST quality:evaluationForm:edit qualityAdmin Get a list of question templates from the favorites toolbar or add a question.
api/v2/evaluations/templates/{templateId} DELETE, GET, PUT quality:evaluationForm:edit qualityAdmin Delete, view, or edit a question template.
api/v2/evaluations/templates GET, POST quality:evaluationForm:edit qualityAdmin Get a list of question templates or create a new question template.
api/v2/recording/mediaretentionpolicies DELETE recording:retentionPolicy:delete qualityAdmin Bulk delete media retention policies.
api/v2/recording/mediaretentionpolicies GET recording:retentionPolicy:view qualityAdmin Get a list of media retention policies.
api/v2/recording/mediaretentionpolicies POST recording:retentionPolicy:add qualityAdmin Create a media retention policy.
api/v2/recording/mediaretentionpolicies/{policyId} DELETE recording:retentionPolicy:delete qualityAdmin Delete a media retention policy.
api/v2/recording/mediaretentionpolicies/{policyId} GET recording:retentionPolicy:view qualityAdmin View a media retention policy.
api/v2/recording/mediaretentionpolicies/{policyId} PATCH recording:retentionPolicy:edit qualityAdmin Edit a media retention policy.
api/v2/recording/mediaretentionpolicies/{policyId} PUT recording:retentionPolicy:edit qualityAdmin Edit a media retention policy.
api/v2/conversations/{conversationId} GET conversation:communication:view ** admin, supervisor, qualityEvaluator View another users’s conversation.
api/v2conversations/*/{conversationId}/participants/{participantId} PATCH conversation:call:record *** supervisor
api/v2/languages/{languageId} DELETE, GET routing:skill:manage admin, supervisor, agent View or delete a language.
api/v2/languages GET, POST routing:skill:manage admin, supervisor, agent Ceate a language or get a list of languages.
api/v2/quality/forms/{formId} DELETE quality:evaluationForm:delete qualityAdmin Delete an evaluation form.
api/v2/quality/forms/{formId} GET quality:evaluationForm:view qualityAdmin View an evaluation form.
api/v2/quality/forms/{formId} PUT quality:evaluationForm:edit qualityAdmin Edit an evaluation form.
api/v2/quality/forms/{formId}/versions GET quality:evaluationForm:view qualityAdmin View an evaluation form’s revisions.
api/v2/quality/forms GET quality:evaluationForm:view qualityAdmin Get a list of evaluation forms.
api/v2/quality/forms POST quality:evaluationForm:create qualityAdmin Create an evaluation form.
api/v2/quality/publishedforms/{formId} GET quality:evaluationForm:view qualityAdmin Get a published evaluation form.
api/v2/quality/publishedforms GET quality:evaluationForm:view qualityAdmin Get a list of published forms.
api/v2/quality/publishedforms POST quality:evaluationForm:create qualityAdmin Publish an evaluation form.
api/v2/routing/languages/{languageId} DELETE, GET routing:skill:manage admin, supervisor, agent View or delete a language.
api/v2/routing/languages GET, POST routing:skill:manage admin, supervisor, agent Ceate a language or get a list of languages.
api/v2/routing/skills/{skillId} DELETE, GET routing:skill:manage admin, supervisor, agent View or delete a skill.
api/v2/routing/skills GET, POST routing:skill:manage supervisor Ceate a language or get a list of skills.
api/v2/analytics/conversations/aggregates/query GET analytics:conversationAggregate:view supervisor View analytics conversation aggregate data.
api/v2/analytics/conversations/details/query GET analytics:conversationDetail:view supervisor View analytics conversation detail data.
api/v2/analytics/conversations/{conversationId}/details GET analytics:conversationDetail:view supervisor View analytics conversation detail data.
api/v2/analytics/conversations/{conversationId}/details/properties POST analytics:conversationProperties:index supervisor Index analytics conversation properties data.
api/v2/analytics/evaluations/aggregates/query GET analytics:evaluationAggregate:view supervisor View analytics evaluation aggregate data.
api/v2/analytics/queues/observations/query GET analytics:queueObservation:view supervisor View analytics queue observation data.
api/v2/analytics/users/aggregates/query GET analytics:userAggregate:view supervisor View analytics user aggregate data.
api/v2/analytics/users/details/query GET analytics:userDetail:view supervisor View analytics user detail data.
api/v2/analytics/users/observations/query GET analytics:userObservation:view supervisor View analytics user observation data.
api/v2/stations/{stationId}/associateduser DELETE telephony:plugin:all admin, telephonyAdmin Unassign a user assigned to a station.
api/v2/locations/{locationId} GET telephony:plugin:all admin, telephonyAdmin View a location.
api/v2/geolocations/settings PATCH telephony:plugin:all admin, telephonyAdmin Update an organizations’ Geolocation Settings.
api/v2/telephony/providers/edges/* (ANY) telephony:plugin:all admin, telephonyAdmin Manage telephony edges.
api/v2/voicemail/policy GET, PUT telephony:plugin:all admin, telephonyAdmin View or update voicemail policies.
api/v2/voicemail/userpolicies/{userId} GET, PATCH telephony:plugin:all admin, telephonyAdmin View or update a user’s voicemail policy.
api/v2/architect/ivrs/{ivrId} DELETE, GET, PUT telephony:plugin:all admin, telephonyAdmin Delete, view, or edit an IVR.
api/v2/architect/ivrs GET, POST telephony:plugin:all admin, telephonyAdmin Create an IVR or view a list of IVRs.
api/v2/architect/schedulegroups/{scheduleGroupId} DELETE, GET, PUT telephony:plugin:all admin, telephonyAdmin Delete, view, or edit a schedule group.
api/v2/architect/schedulegroups GET, POST telephony:plugin:all admin, telephonyAdmin Create a schedule group or view a list of schedule groups.
api/v2/architect/schedules/{scheduleId} DELETE, GET, PUT telephony:plugin:all admin, telephonyAdmin Delete, view, or edit a schedule.
api/v2/architect/schedules GET, POST telephony:plugin:all admin, telephonyAdmin Create a schedule or view a list of schedule.
api/v2/users/{userId}/station/defaultstation/{stationId} PUT telephony:plugin:all admin, telephonyAdmin Set a user’s default station.
api/v2/users/{userId}/station/defaultstation/ DELETE telephony:plugin:all admin, telephonyAdmin Clear a user’s default station.

How can I prepare for the feature removal?

If we identify your organization as one that needs to be fixed, a Genesys employee will reach out to you. However, Genesys only becomes aware that an organization needs to be fixed based on user activity, so we may not be able to identify all potentially affected organizations and users. An administrative user from your organization should review the configuration of your organization’s roles and ensure that users who need the listed functionality have roles with the correct permissions. 

What if I need help or have questions?

For information on how to contact support, see PureCloud Customer Care.