cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
295
Views
0
Helpful
6
Replies
Highlighted
Beginner

Finesse SSO CORS issue

I would like to make a request to https://finesse-domain/desktop/sso/token from another domain (not the finesse-domain from the request). I am able to do this from Postman but it results in a CORS issue from the browser. I don't get CORS problems when making other Finesse requests from the browser.

 

Is there a way to configure CORS to work with /desktop/sso/token?

Is there a way to configure a redirect URL for the /desktop/sso/token request to get the token to a page hosted on my domain?

Is there another way to get a bearer token (and later refresh that token) that can be used in REST requests to Finesse?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Hi,

 

After talking to the Finesse team, they stated that the SSO APIs do not support CORS.

 

As workaround for now. they suggested to host an html page in 3rdpartygadget location and load them on their webpage which can then make a request to desktop sso apis in same domain.

 

Thanx,

Denise

View solution in original post

6 REPLIES 6
Highlighted
Cisco Employee

Hi,

 

What version of Finesse are you using? CORS is supported, but needs to be turned on for 12.5: https://developer.cisco.com/docs/finesse/#!cors-support-for-finesse-rest-apis

As far as I know, this is the only way to get the bearer token.

 

Thanx,

Denise

Highlighted

12.0(1)
CORS is working for requests like /finesse/api/User/0002145/ReasonCodes?category=NOT_READY but not for the SSO token request at /desktop/sso/token

Do we need 12.5 for CORS with SSO?
Highlighted

Hi,

 

Not that I am aware of. I will reach out to the Finesse team to check.

 

Thanx,

Denise

Highlighted

Hi,

 

After talking to the Finesse team, they stated that the SSO APIs do not support CORS.

 

As workaround for now. they suggested to host an html page in 3rdpartygadget location and load them on their webpage which can then make a request to desktop sso apis in same domain.

 

Thanx,

Denise

View solution in original post

Highlighted

I'm making the request directly to Cisco Identity Service instead. I can't use the SDK because it's Java, but I have been able to make OAuth requests and refresh tokens and so on.

Would there be any problem doing it this way?
Highlighted

Hi,

 

Unfortunately I am not an expert in SSO, but if you are able to get the token directly from the Cisco Identity Service, I don't see why there would be a problem. From my understanding, the Finesse SSO APIs are just a wrapper around getting it from the Identity service anyways.

 

Thanx,

Denise