Solved: Re: App types and tokens

MathInc · ‎06-21-2022

Hi

I have developed 2 web pages with Webex JS SDK. The first one will join a webex meeting with video + audio and the second one (multiple instances/users) will join the meeting only with audio.

Which app type(s) do I have to register? Should first web page be an "Integration" and the second "Guest Issuer" (because of multiple users)?

During development I was just using one development webex token on both sides, but I ran into issues. When I hangup on the second page, it ended the meeting on the first page. Sometimes I got the "user has excessive device registrations" issue, regardless if I unregister, when leaving the page. I guess it is because, I use the same token on both pages.

Raffaele Lagana · ‎06-23-2022

"So if all users left and right of the meeting rooms are webex users. I just need 1 integration app with 1 access token, but if some users at the right side are not webex users, I must use both an integration app and a guest issuer app?"
- Yes, that's correct. Integration for webex users and guest issuer for non-webex users.

"I have developed and tested the solution so far, with my customers test room, which I can enter without authenticate. I have just used an integration app and used same access token on both sides. But I guess then I somehow are using the same user on both sides? And thats why I experience some issues."

- Yes for this too. The same token will always represent the same person, even when used in different places. Probably the best way for you to test is to have a number of different users (different user tokens) join the same meeting. That should give you more consistent findings.

View solution in original post

Raffaele Lagana · ‎06-21-2022

Reading your description, it is not totally clear to me exactly what the goal is. You are asking whether the first app should be based on integration and the second one based on guest issuer, but you're not really describing what each app is meant for, so it is hard to answer this query at the moment.

Please note that both integrations and guest issuer apps can allow for 'multiple users' to join meetings. They are for different scenarios but they both can reach that same goal (in different ways) of having separate users join the meeting.

It might help if I describe what the usual scenarios for each one involve:

Integration - used by webex users to authorize a certain webex functionality, in this case the SDK. Once authorized, your code logic with the SDK can use that user's token to do stuff on behalf of that user. If another webex user needs to use this too, you simply get them to authorize the integration. Integration docs are found here: https://developer.webex.com/docs/integrations

Guest Issuer - Used when you need some authentication for non-webex users, where they can't use the above integration as they don't have a webex account. This works based on JWTs, which can then be exchanged for an OAuth Access token, to the use in the SDK. Separate users are defined by the sub and name claims that are part of the JWT payload, changing these for each JWT creation will mean that they will be seen as different users. Docs for guest issuer app is found here: https://developer.webex.com/docs/guest-issuer

Hope this helps, if not please let us know the scenario in more details, along with any additional queries you may have.

MathInc · ‎06-21-2022

Hi Raffaele

Thanks.

I don't fully get how to use apps/tokens in my solution. That's why I wrote the questions.

So, my 2 pages can be one app, with only one Webex token?

I have used JS SDK (https://developer.webex.com/docs/sdks/browser) to develop and I am able to join a meeting room from both pages with the same token (without giving username/password). The above link are not saying anything of authentication, but it could be my problem? I am signed in with the same user on both pages? So I have to make a second user, to test my solution.

Raffaele Lagana · ‎06-21-2022

I'm not sure what the app is supposed to do so I can't say for certain but I think that you can have one app to allow both guest and webex users join meetings.

A common scenario of having both working in tandem is when you have a use case where you have a host, who is a webex user and you have a guest, who's not a webex user but needs to join the meeting as a participant.

You can have the webex user authenticate through an integration, then once they authorize it, you can use that token in the init() function of the SDK. After that you proceed with the rest of the functions, to start and host the meeting.

From the guest user side, you would then instead use a guest issuer app. This would create a JWT for the guest, which you can then exchange for an access token too. This can then also be used in the init() function of the SDK, you just wouldn't have the host features that the webex user would have (through their licenses), but you can still participate in the meeting as normal.

It's possible to do this through one application, you just have to have an initial point at the start where you determine whether the user is a webex user or guest user, easiest thing is to just ask the user itself, whether they have a webex account or not. If they do, you can get them to authorize the integration, if not, you can create a JWT for them and exchange it for an access token, so they can join the meeting as a guest.

Again, this is just some guidance based on common scenarios, it may not be suitable for your use case as I'm not sure what exactly your scenario involves. I'm also not covering the whole process here, it is just a general guidance. Let us know in case of any additional queries.

MathInc · ‎06-23-2022

Thanks for response.

I have tried to draw my setup.

User A is a worker in "the field", who experience an incident that he/she wants to show to some experts (Ax) inside/outside the company (Webex users or not). Then they can have a discussion, how to solve the issue. Meanwhile there could be second user B (or multiple) who are showing video for other experts (Bx).

So if all users left and right of the meeting rooms are webex users. I just need 1 integration app with 1 access token, but if some users at the right side are not webex users, I must use both an integration app and a guest issuer app?

I have developed and tested the solution so far, with my customers test room, which I can enter without authenticate. I have just used an integration app and used same access token on both sides. But I guess then I somehow are using the same user on both sides? And thats why I experience some issues.

Raffaele Lagana · ‎06-23-2022

"So if all users left and right of the meeting rooms are webex users. I just need 1 integration app with 1 access token, but if some users at the right side are not webex users, I must use both an integration app and a guest issuer app?"
- Yes, that's correct. Integration for webex users and guest issuer for non-webex users.

"I have developed and tested the solution so far, with my customers test room, which I can enter without authenticate. I have just used an integration app and used same access token on both sides. But I guess then I somehow are using the same user on both sides? And thats why I experience some issues."

- Yes for this too. The same token will always represent the same person, even when used in different places. Probably the best way for you to test is to have a number of different users (different user tokens) join the same meeting. That should give you more consistent findings.

petrokorkov · ‎06-21-2022

so, the first web page should be "Integration" and the second - "Guest Issuer"

MathInc · ‎06-21-2022

That's my question.

I guess, I must have different Webex tokens to initialize from each instance of the pages. But where do I get it? From app(s) I think. My guess is "Integration" on the first page and "Guest Issuer" on the second, but I might be wrong?