Exploring the Webex API: A Step-by-Step Guide to Generating Your Access Token

Hey guys!

Today, let’s dive into the Webex API and how you can leverage it to build your own custom integrations.

I recently began exploring the Webex REST API, but I wanted to use my own code rather than relying only on the web browser.
While the Webex Developer Portal allows you to perform all actions directly online once you’re logged in (automatically using your token for requests), I preferred a more flexible approach that didn’t tie me to the browser.

So, in this post, I’ll show you how to generate your own access token to use in your custom code.

So, these are the steps you will have to do to achieve this:

Webex Integration

Integrations are how you request permission to invoke the Webex REST API on behalf of another Webex user. Below are the steps you’ll need to follow to create an integration and generate your access token:

  • Create a Webex Integration: Go to the Webex Developer
    Portal and create a new integration. You’ll need to provide details like the
    integration name, description, and redirect URI.
  • Obtain Client ID and Secret: After registering, you’ll
    receive a Client ID and Client Secret. These are essential for the OAuth
    flow.

– Request permission using an OAuth Grant Flow

  • Redirect Users to Webex Authorization Endpoint: Construct a URL with your Client ID, redirect URI, and requested scopes. Redirect users to this URL to request their permission.
  • User Grants Permission: The user will log in to Webex and grant the requested permissions. Webex will then redirect the user back to your specified redirect URI with an authorization code.

– Exchange the resulting authorization code for an access token:

  • Send Authorization Code to Webex: Make a POST request to the Webex token endpoint with the authorization code, Client ID, Client Secret, and redirect URI.
  • Receive Access Token: Webex will respond with an access token, which you can use to authenticate API calls.

– Use the access token to make your API calls:

  • Include Access Token in API Requests: Add the access token to the Authorization header of your API requests.
  • Make API Calls: Use the Webex REST API to perform actions on behalf of the authenticated user.

Now, let’s see each one in details.

BUILDING AN INTEGRATION

Here (https://developer.webex.com/my-apps/new/integration) you can create your new Integration.
You will have to fill the following information: Integration Name, Icon, Description, Redirect URI and Scope.

Redirect URI, is a url used to redirect your code as soon you give the consent the permission. In other words, after creating the Integration, you will be given an Authorization URL. After authorizing, the web page will be redirected to your “Redirect URI” with a Webex Code. You will need this code to finish the whole process.
In my case, I’m using a localhost I’ve created to retrieve the information: http://127.0.0.1:5000/WebexToken

Scopes are all type of access you will provide. You have to select them in order to choose what your API will be able to access. Also, you define what type of access: Ready, Write or both.

So my integration name is Testing, my Redirect URI is http://127.0.0.1:5000/WebexToken, and in the Scope, I just added spark-admin:licenses_read and analytics:read_all

AddInt

Once you finish all, click on Add Integration.

After adding the integration, you’ll receive your Client ID, Client Secret, Integration ID, and OAuth Authorization URL. Be sure to save these in a secure location.

image

REQUEST PERMISSION USING AN OAuth Grant Flow

Now, you will need to open the OAuth Authorization URL you received in your browser.
You have to Accept the to grant access to your Integration.

image

Here’s where it gets a bit tricky. When you click Accept, you’ll be redirected to the Redirect URI you entered earlier. At this point, you’ll be given a Code that’s essential for finishing the process. If you don’t have a localhost set up, don’t worry—you can still find the code in the URL, even if you encounter an error.

Please SAVE this code also!

For example:

image

Right, now you have all the info you needed! Let’s go to the last step!

EXCHANGE THE RESULTING AUTHORIZATION CODE

With all information in hands, it’s time to generate the Token!

Basically,  you to send a POST request to https://webexapis.com/v1/access_token, with the following information in the Body:

grant_type: This should be set to “authorization_code
client_id: Issued when creating your integration
client_secret: Remember this guy? You kept it safe somewhere when creating your integration
code: The authorization code from the previous step
redirect_uri: Must match the one used in the previous step

If you use curl request, it should be like this:

curl -X POST https://webexapis.com/v1/access_token -H ‘Content-Type: application/x-www-form-urlencoded’ -d ‘grant_type=authorization_code&client_id=XXXXXXXX&client_secret=XXXXXXXXXXX&state=set_state_here&redirect_uri=http://localhost:8081/authorization-code’

Or, if you use Postman, it will be something like this:

image

Once you click on SEND to request it, this will be your result. Webex REST API will then respond with JSON containing an access token and a refresh token, as shown in the example below. Expiration times are provided in seconds.

image

By following these steps, you’ll be able to generate your own access token and start making API calls with your custom Webex integration. Stay tuned for more in-depth tutorials on leveraging the Webex API to enhance your applications!

Hope you enjoy it! Smile

See you!

Bruno


Leave a comment