
<div dir="ltr">Ok, so it's one-liner to pull an OAuth token from my webex account for an integration which doesn't exist (or at least, it doesn't require me to create one first, nor does it create one for me).<div><br></div><div>Since there is nothing to look at, after the link is processed, it almost seems like a better idea to create the integration on <a href="https://developer.webex.com/my-apps">https://developer.webex.com/my-apps</a>, obtain the token, so that I have something to look at/reference later for this integration.</div><div><br></div><div>Also, if I'm not mistaken, since Azure is not going to ask for a refresh token then, this will forever be a task that we manually perform every year, right?  Perhaps someone will get fancy and write middleware to refresh the token and push it into Azure, but I'm not even sure if Azure exposes an API to update that field.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Aug 7, 2019 at 12:05 PM Ryan Ratliff (rratliff) <<a href="mailto:rratliff@cisco.com">rratliff@cisco.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">


<div lang="EN-US">

<div class="gmail-m_-4236187355733949759WordSection1">

<p class="MsoNormal">The URL is just a shortcut way to get an OAuth token for the integration.<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">You can easily do the same thing via the API if you had to.<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">Look at the URL itself:<u></u><u></u></p>

<p class="MsoNormal"><a href="https://idbroker.webex.com/idb/oauth2/v1/authorize" target="_blank">https://idbroker.webex.com/idb/oauth2/v1/authorize</a><u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">Here are the parameters for the GET request (leaving the %-encoded characters because I’m lazy):<u></u><u></u></p>

<p class="MsoNormal">response_type=token<u></u><u></u></p>

<p class="MsoNormal">client_id=<some text><u></u><u></u></p>

<p class="MsoNormal">redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fcode<u></u><u></u></p>

<p class="MsoNormal">scope=spark%3Apeople_read%20spark%3Apeople_write%20Identity%3ASCIM<u></u><u></u></p>

<p class="MsoNormal">state=this-should-be-a-random-string-for-security-purpose<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">You can see the definitions of the parameters at <a href="https://developer.webex.com/docs/integrations" target="_blank">

https://developer.webex.com/docs/integrations</a>.<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">A given integration can have only one OAuth token at a time, so if you regenerate your token by logging into that URL then it will invalidate any previous ones.<u></u><u></u></p>

<p class="MsoNormal">The web page isn’t going away, it’s just the URL the OAuth generation redirected you to when it generated your token, which happens to include your token.<u></u><u></u></p>

<p class="MsoNormal">It’s non-developer speak for “don’t close your browser until you copy that token”, and worst case, generate a new one.<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<div>

<p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Lucida Grande",sans-serif;color:black">Ryan Ratliff<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Lucida Grande",sans-serif;color:black">Manager, Cisco Cloud Collaboration TAC <u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Lucida Grande",sans-serif;color:black">Standard Business Hours: 8:00AM-5:00PM EDT<br>

Email: <a href="mailto:rratliff@cisco.com" target="_blank">rratliff@cisco.com</a><u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Lucida Grande",sans-serif;color:black">Office: +1 919-476-2081<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Lucida Grande",sans-serif;color:black">Mobile: +1-919-225-0448<u></u><u></u></span></p>

</div>

<p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Lucida Grande",sans-serif;color:black">Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209</span><u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(181,196,223);padding:3pt 0in 0in">

<p class="MsoNormal"><b><span style="font-size:12pt;color:black">From: </span></b><span style="font-size:12pt;color:black">cisco-voip <<a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a>> on behalf of Anthony Holloway <<a href="mailto:avholloway%2Bcisco-voip@gmail.com" target="_blank">avholloway+cisco-voip@gmail.com</a>><br>

<b>Date: </b>Wednesday, August 7, 2019 at 12:32 PM<br>

<b>To: </b>Matthew Loraditch <<a href="mailto:MLoraditch@heliontechnologies.com" target="_blank">MLoraditch@heliontechnologies.com</a>><br>

<b>Cc: </b>cisco-voip list <<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a>><br>

<b>Subject: </b>Re: [cisco-voip] Azure to Webex User Provisioning and Tokens<u></u><u></u></span></p>

</div>

<div>

<p class="MsoNormal"><u></u> <u></u></p>

</div>

<div>

<p class="MsoNormal">Thank you for that confirmation. <u></u><u></u></p>

<div>

<p class="MsoNormal"><u></u> <u></u></p>

</div>

<div>

<p class="MsoNormal">It's concerning to me that the note below the URL says:<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"><u></u> <u></u></p>

</div>

<div>

<p class="MsoNormal">"We recommend that you paste this value into a text file and save it, so that you have a record of the token in case the URL is not available any more."<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"><u></u> <u></u></p>

</div>

<div>

<p class="MsoNormal">Considering the token expires every 365 days.  I sure hope the URL is available in the future.<u></u><u></u></p>

</div>

</div>

<p class="MsoNormal"><u></u> <u></u></p>

<div>

<div>

<p class="MsoNormal">On Wed, Aug 7, 2019 at 11:26 AM Matthew Loraditch <<a href="mailto:MLoraditch@heliontechnologies.com" target="_blank">MLoraditch@heliontechnologies.com</a>> wrote:<u></u><u></u></p>

</div>

<blockquote style="border-top:none;border-right:none;border-bottom:none;border-left:1pt solid rgb(204,204,204);padding:0in 0in 0in 6pt;margin-left:4.8pt;margin-right:0in">

<div>

<div>

<p class="MsoNormal">FWIW the Cisco documents say the same thing:

<a href="https://help.webex.com/en-us/aumpbz/Synchronize-Azure-Active-Directory-Users-into-Cisco-Webex-Control-Hub" target="_blank">

https://help.webex.com/en-us/aumpbz/Synchronize-Azure-Active-Directory-Users-into-Cisco-Webex-Control-Hub</a><u></u><u></u></p>

<p class="MsoNormal"> <u></u><u></u></p>

<p class="MsoNormal"> <u></u><u></u></p>

<div>

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100%">

<tbody>

<tr>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0">

<tbody>

<tr>

<td style="padding:0in 7.5pt 0in 0in">

<p class="MsoNormal"><span style="font-size:1pt"> <u></u><u></u></span></p>

</td>

<td style="padding:7.5pt 0in 7.5pt 7.5pt">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100%">

<tbody>

<tr>

<td valign="top" style="padding:0in">

<p class="MsoNormal"><b><span style="color:rgb(243,128,11)">Matthew Loraditch</span></b><b><span style="font-size:1pt;font-family:remialcxesans,serif;color:white"></span></b><b><span style="color:rgb(243,128,11)"><u></u><u></u></span></b></p>

</td>

</tr>

<tr>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0">

<tbody>

<tr>

<td valign="top" style="padding:0in">

<p class="MsoNormal"><b><span style="color:gray">Sr. Network Engineer<u></u><u></u></span></b></p>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

<tr>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0">

<tbody>

<tr>

<td valign="top" style="padding:7.5pt 0in 0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0">

<tbody>

<tr>

<td valign="top" style="padding:0in">

<p class="MsoNormal"><span style="color:rgb(243,128,11)">p:</span><span style="color:gray"> <a href="tel:443.541.1518" target="_blank"><strong><span style="font-family:Calibri,sans-serif;color:gray;font-weight:normal;text-decoration:none">443.541.1518</span></strong></a><u></u><u></u></span></p>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

<tr>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0">

<tbody>

<tr>

<td valign="top" style="padding:0in">

<p class="MsoNormal"><span style="color:rgb(243,128,11)">w:</span><span style="color:gray"> <a href="http://www.heliontechnologies.com/" target="_blank"><strong><span style="font-family:Calibri,sans-serif;color:gray;font-weight:normal;text-decoration:none">www.heliontechnologies.com</span></strong></a><u></u><u></u></span></p>

</td>

<td valign="top" style="padding:0in">

<p class="MsoNormal"><span style="color:gray"> | <u></u><u></u></span></p>

</td>

<td valign="top" style="padding:0in">

<p class="MsoNormal"><span style="color:rgb(243,128,11)">e:</span><span style="color:gray"> <a href="mailto:MLoraditch@heliontechnologies.com" target="_blank"><strong><span style="font-family:Calibri,sans-serif;color:gray;font-weight:normal;text-decoration:none">MLoraditch@heliontechnologies.com</span></strong></a><u></u><u></u></span></p>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

<tr>

<td style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0">

<tbody>

<tr>

<td valign="bottom" style="padding:0in">

<p class="MsoNormal"><span style="font-size:1pt"><a href="http://www.heliontechnologies.com/" target="_blank"><span style="color:windowtext;text-decoration:none"><span style="color:blue"><img border="0" width="300" height="75" style="width: 3.125in; height: 0.7812in;" id="gmail-m_-4236187355733949759_x0000_i1028" src="cid:16c6dc6b9694cff311" alt="Helion Technologies"></span></span></a><u></u><u></u></span></p>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

<tr>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100%">

<tbody>

<tr>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0">

<tbody>

<tr>

<td valign="top" style="padding:7.5pt 0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0">

<tbody>

<tr>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100%">

<tbody>

<tr>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100%">

<tbody>

<tr>

<td valign="top" style="padding:0in 2.25pt 0in 0in">

<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:1pt"><a href="https://facebook.com/heliontech" target="_blank"><span style="color:windowtext;text-decoration:none"><span style="color:blue"><img border="0" width="18" height="18" style="width: 0.1875in; height: 0.1875in;" id="gmail-m_-4236187355733949759_x0000_i1027" src="cid:16c6dc6b96a5b16b22" alt="Facebook"></span></span></a><u></u><u></u></span></p>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</td>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100%">

<tbody>

<tr>

<td valign="top" style="padding:0in 2.25pt 0in 0in">

<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:1pt"><a href="https://twitter.com/heliontech" target="_blank"><span style="color:windowtext;text-decoration:none"><span style="color:blue"><img border="0" width="18" height="18" style="width: 0.1875in; height: 0.1875in;" id="gmail-m_-4236187355733949759_x0000_i1026" src="cid:16c6dc6b96a692e333" alt="Twitter"></span></span></a><u></u><u></u></span></p>

</td>

</tr>

</tbody>

</table>

</td>

<td valign="top" style="padding:0in">

<table class="gmail-m_-4236187355733949759MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100%">

<tbody>

<tr>

<td valign="top" style="padding:0in 2.25pt 0in 0in">

<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:1pt"><a href="https://www.linkedin.com/company/helion-technologies" target="_blank"><span style="color:windowtext;text-decoration:none"><span style="color:blue"><img border="0" width="18" height="18" style="width: 0.1875in; height: 0.1875in;" id="gmail-m_-4236187355733949759_x0000_i1025" src="cid:16c6dc6b96a7745b44" alt="LinkedIn"></span></span></a><u></u><u></u></span></p>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</td>

</tr>

</tbody>

</table>

</div>

<p class="MsoNormal"><b>From:</b> cisco-voip <<a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a>>

<b>On Behalf Of </b>Anthony Holloway<br>

<b>Sent:</b> Wednesday, August 7, 2019 12:18 PM<br>

<b>To:</b> Cisco VoIP Group <<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a>><br>

<b>Subject:</b> [cisco-voip] Azure to Webex User Provisioning and Tokens <u></u><u></u></p>

<p class="MsoNormal"> <u></u><u></u></p>

<div>

<p class="MsoNormal">I'm using the following link:<u></u><u></u></p>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"><a href="https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial" target="_blank">https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/cisco-webex-provisioning-tutorial</a> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal">And in step 6 it describes how to obtain the secret token from Cisco, to input into Azure.<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal">It notes that the token is valid for 365 days, however, in my testing it's looking like it might be 30 days.<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal">The resulting URL from step 6 has a URI parameter of:<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal">expires_in=31535999<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal">Which if you treat it as seconds, then it's 365 days, so the URL seems to match the document.<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal">I'm wondering if there is anyone with experience on this topic, before I put some serious time in with TAC.<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

<div>

<p class="MsoNormal">Thanks much!<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal"> <u></u><u></u></p>

</div>

</div>

</div>

</div>

</blockquote>

</div>

</div>

</div>


</blockquote></div>