Authentication Flow

Genesys Web Services authentication is performed in the following sequence:

1. Salesforce Authentication

• Enters here if a request contains two specific headers (Salesforce Session ID and Salesforce Identity URL).
• If successful, the user is authenticated and execution flow proceeds to the authorization stage.
• If authentication headers are not present or authentication fails, execution flow proceeds to the next step.

2. Oracle Service Cloud Authentication

• Only enters here if a request contains specific headers (RNURL, RNSID, RNUSERNAME).
• In case of success, the user get authenticated and execution flow proceeds to the authorization stage. If there are no such headers or authentication fails at this step, execution flow proceeds to the next step.

3. Configuration Server (CME) Authentication

• Enters here if a request contains basic authentication header and CME authentication is enabled for this contact center.
• If successful, user is authenticated and execution flow proceeds to the authorization stage.
• If authentication headers are not present, CME authentication is disabled, or authentication fails, execution flow proceeds to the next step.

4. Genesys Web Services Authentication

• Enters here if a request contains basic authentication header.
• If successful, user is authenticated and execution flow proceeds to the authorization stage.
• If authentication headers are not present or authentication fails, execution flow proceeds to the next step.

5. Security Assertion Markup Language (SAML) Authentication

• Enters here if SAML is enabled and configured.
• An attempt is made to authenticate user going through various scenarios (Case 1 or Case 2).
• If case of failure, user receives an anonymous authentication. User will only be given access to unprotected endpoints.