If enabled for an account, users with an admin or supervisor license can use the API Credentials area to create user-level API credentials to use with Vonage Contact Center APIs.
Account-level API credentials
Account-level API credentials are deprecated. If an account contains previously created account-level API credentials, these will continue to work. Admin users can view, edit, and delete those credentials, but cannot create new account-level credentials.
Users need API credentials when using the APIs available at Vonage Contact Center APIs.
For information about creating and editing API credentials, see Configuring API credentials.
Bearer access tokens and API credentials
To use any Vonage Contact Center API, users need a bearer access token. A bearer access token authenticates subsequent requests to VCC APIs. The APIs use the token to check that the user is authorized to make your specific request. To request a bearer access token, the user first needs API credentials.
API credentials consist of:
- Client ID. The client ID identifies who the user is, a bit like a user name.
- Client secret. The client secret is a password that's generated by Vonage Contact Center.
When the user has API credentials, they can use the Authentication API to request a bearer access token.
Scopes define which APIs and resources a user can access using user-level API credentials and what actions they can perform using the API.
When the user creates their credentials, they must specify one or more available scopes. Available scopes depend on their user license, admin or supervisor. Admin users have all scopes available; supervisors have only Read or download interaction content and Read VCC user details, settings, and presences.
When the user then requests a bearer access token for their credentials using the VCC Authentication API, they must specify which of the credential's scopes the token is for. The scope for API credentials for most VCC APIs is in the format
object:action. For example,
agents-availability:read gives read access resources in the Agents Availability API, and
interaction-content:read gives read access to interactions returned by the Conversation Analyzer API. See an individual API's documentation at Vonage Contact Center APIs for the relevant scopes.
Vonage Contact Center follows the OAuth 2.0 industry standard for authentication. OAuth 2.0 supports a number of authorization flows for different types of applications and devices. The only flow supported by API Credentials currently is Client Credentials. The Client Credentials grant type is used by clients to obtain an access token outside of the context of a user.