Newer Version Available
Service Cloud Voice REST API Authorization
The Service Cloud Voice REST API requires JWT authorization.
The following prerequisites must be satisfied before you can start the authorization process flow.
-
Sign the JWT using RSA SHA256, which uses an uploaded certificate as the signing secret.
-
Set up a Salesforce connected app and call center. Ensure that the call center has been updated with the certificate you generated. The generated private key is used to sign the JWT bearer token payload.
-
Store the private key in a keystore that you can retrieve every time you want to generate a JWT token.
Once you’ve satisfied these prerequisites, set up authorization for this API.
- Construct a JWT header with this format: {"alg":"RS256"}.
- Base64url encode the JWT header as defined in Base 64 Encoding with URL and Filename Safe Alphabet. For example: eyJhbGciOiJSUzI1NiJ9.
-
Construct a JSON claims set for the JWT with the following parameters:
- iss—The issuer is the Salesforce org ID where you set up your contact center and registered the certificate.
- sub—The subject must contain the “Salesforce Call Center API Name”.
- aud—The audience identifies the authorization server as an intended audience. The authorization server must verify that it is an intended audience for the token. Use https://scrt.salesforce.com.
- exp—The expiration time of the assertion within 3 minutes, expressed as the number of seconds from 1970-01-01T0:0:0Z measured in UTC.
- jwtId—The unique ID for the JWT token.
Sample JSON claim set for the JWT:
1{ 2 "iss": "00DRM000000GuTE", 3 "sub": "HVCC", 4 "aud": "https://scrt.salesforce.com", 5 "exp": "1333685628" 6} - Base64url encode the JWT claims set without any line breaks.
- Retrieve the private key stored in the keystore.
- Sign the payload using the private key to generate JWT token.
- Use the generated JWT token as part of the Authorization header when making the API request.