Showing results for 
Search instead for 
Did you mean: 

VIP Advisor


There are a couple of questions that are regulary raised in the #webex4devs space. Let's collect them here along with the answers.

Please use seperate discussions for questions to not pollute this collection.

Feel free to extend the collection.


There is also a FAQ at the developer portal:


Maybe we can pin this thread?

VIP Advisor

Can I bypass the REST APIs OAuth flow and use username/password for API calls in my integration?

No. The OAuth flow must be used and cannot be bypassed. Along with the access token, you will receive a refresh token. As long as it is valid, you may use it to refresh your access token (receiving a new refresh token as well). So you may keep your integration running in a kind of service anyway.


Can I see my active sessions?

Check out You will see your active Webex sessions and may end some of them manually.


Can I transfer the ownership of an integration or a bot?

Check out In case of having a paid organization, an org admin may also transfer ownership of orphan bots/integrations.


Is there a list of servers from which webhooks are sent to my application?

No, there is no such list available.

Cisco Employee

This is fantastic, thanks for putting these together

VIP Advisor

How often can a refresh token be used and when will it be renewed?

Whenever an access token is issued, a refresh token is issued as well. That token can be used to renew the access token, see
A new access token will not be generated with each and every call. There is a random timer between 1 and 5 days when the access token recreation takes place. Refresh token will reset its validity back to 90 days (and remain the same so it can be re-used.).


An error message "Unable to register, user as excessive device registrations" is shown. What can I do?

Your widget code seems not to clean up after being destroyed, ie. it does not call unregister(). In the error console, you will see a URL like (the abc part may differ). Send a GET request to that URL including your access token and you will receive a list of registered devices including their URL. That can be used in a DELETE request to remove the registration and do the housekeeping manually.
Alternatively wait for a few days as each registration is valid for 7 days

Jeff Marshall
Cisco Employee

How can I tell if a message received by a webhook was sent from the Webex App or via API request?
There is no way to tell this. 

How can I submit a feature request?
Feature requests can be submitted through

How do I manage contacts in the Webex app?

Contacts can only be managed in the Webex app, there is no API for this at this time so it would need to be a feature request. 

Jeff Marshall
Cisco Employee

Is there an API that allows adding users with a CSV file?

There is no direct support for adding users to an org via a CSV file. However, you could built your own script that reads the CSV file and does a POST to /people to create the users one by one.

Jeff Marshall
Cisco Employee

Are there APIs for

No. However, you can pull the raw JSON for the status page by doing a GET to

VIP Advisor

How do I use multiple redirect URIs for an integration's OAuth flow?

Each integration may specify multiple redirect URIs in its definition. During the authorization flow, the redirect_uri parameter must match one of them. If the OAuth succeeds, the user will be redirected to the specified one. By that, a user may be pointed to a dedicated URI based on any application-specific precondition.

The redirect URIs may be changed later in the application overview. Your client_id and client_secret will not change during that process.


What kind of URIs are allowed to be used as redirect URIs?

You may specify any URI. Most common (and probably only useful) are http/https URIs with public domains, but you may also specify http://localhost/ for instance or even foo://some.url.local/. For sure, your application need to handle these URIs properly in order to receive the access code and exchange it for a token.

Raffaele Lagana
Cisco Employee

Error "Parameter 'start' or 'end' is before current time." is thrown when creating a meeting through API.

As the error suggests, this is thrown due to the fact the start and/or end times used is already in the past. The API will default to UTC+0 time zone when no time zone is provided in the request payload, you need to ensure that the date/time chosen is in the future based on the time zone.

Raffaele Lagana
Cisco Employee

How do I get next page of data set from API?


We have what is known as pagination, see here: .
If you have set a max param in your request (or you're leaving it empty, meaning it will default to the API's default - usually 100 but can be different depending on which API is used) but the records available go past that threshold, then the API will paginate the results. You can access the next page of results using the URL returned in the link response header. You simply run this through a GET request with the same token, to get the next set of results. You can continue doing this for as long as there is a link response header. If one is not returned, it means you have reached the last page.

Jeff Marshall
Cisco Employee

Is it possible to bypass the Webex sign-in screen when authorizing with an integration and the org/site has SSO is enabled?

Yes. You can append the &email= query parameter to your OAuth Authorization URL and it will lookup the user and direct them directly to their SSO sign-in. If a user's org doesn't have SSO enabled then they will still be taken to the Webex sign-in screen but the email address will already be populated and it will only ask them for their password.

Jeff Marshall
Cisco Employee

Is it possible for Webex admin to create webhooks on behalf of users?

There is no on behalf for creating webhooks. You could have your users authorize with an integration so it generates an access token and then use that to create a webhook under their account. 


Recognize Your Peers
Content for Community-Ad