Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1735
Views
0
Helpful
2
Replies

Single Sign-On—Fetch Access Token API not working

Go to solution
gauravmarch
Level 1
Level 1

‎05-31-2019 05:43 AM

Dear Experts,

 

I am trying to fetch the access token using Finesse SSO Rest API, but its not working.

 

My steps/usecase is following:

- If I invoke the url: https://<MY_FQDN>/desktop/sso/test (https://developer.cisco.com/docs/finesse/#!single-sign-on-test-api), it redirects me correctly to SSO login screen, where post login it shows me succesful message with following content:


SSO Authentication is successful.
Authenticated user-id is sso_agent
Authenticated user-realm is {my_realm}
Authenticated user-principal is {my_principal}
Access token expiry 3,600
Refresh token expiry 36,000

 After this when I invoke token request (within same session) to url  https://<MY_FQDN>/desktop/sso/token (https://developer.cisco.com/docs/finesse/#!single-sign-on-fetch-api/single-signonfetch-access-token-api)

it gives me following error:

errorType"Request Forbidden"
errorData""
errorMessage"Request could not be processed since SSO is disabled or session is invalid."

 

Could someone please help me out in figuring out what I am doing wrong here?

Please note SSO is enabled on finesse for this agent.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dekwan
Cisco Employee
Cisco Employee

‎05-31-2019 10:31 AM

Hi,

 

The Single Sign on Test API is just a Test and isn't actually useful for getting the token. If I am understanding from the other posts, you are building a server side application. If that is the case, you should be using the IdS SDK.

 

Thanx,

Denise

View solution in original post

0 Helpful
2 Replies 2

Go to solution
dekwan
Cisco Employee
Cisco Employee

‎05-31-2019 10:31 AM

Hi,

 

The Single Sign on Test API is just a Test and isn't actually useful for getting the token. If I am understanding from the other posts, you are building a server side application. If that is the case, you should be using the IdS SDK.

 

Thanx,

Denise

0 Helpful

Go to solution
Marek (gaman-gt.com)
Level 3
Level 3

‎06-04-2019 09:12 AM

If you are using Finesse SSO API you need to have agent session active in the Finesse (pass all login credentials using out of the box login form). Once tha agent is logged into Finesse, SSO Fetch Token API becomes available.

 

Please look at the attached recording. it reproduces the issue that you have encountered. It was tested on Cisco dCloud with SSO enabled as: Hybrid Mode and SSO mode.

 

Marek
Web: https://gaman-gt.com
Preview file
1509 KB
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents