UserHub: Getting Started

This process is now deprecated and will be EOL in Summer 2023. Please see CXone Authentication: Getting Started for the new process. Getting Started

This process is required to create the first access key for an administrative user on a tenant and to gain access to CXone APIs. Once the first access key is created, it can be used to request an access token via API.This access key method will be the required API access method in the future. NICE CXone intends to deprecate previous API access APIs.

You must use area specific domains and developers should know the domains that apply to them before beginning this process. Contact your Technical Account Manager or Technical Account management team with domain questions. Current domains are:

Examples in this guide use the na1 area domain.

NOTE:Developers should not tether integrations to the following process.

1. Before You Begin

An administrative user with credentials to https://auth.nice-incontact.com is required to complete this process. This user must have a role with permissions enabled for access key management. There are two access key-related privileges:

My Access Key-allows the user to manage access keys for that user’s own account, including permissions to view, create, edit, and delete
Access Key-allows the user to manage access keys for others, including permissions to view, create, edit, and delete

2. Generate Key in CXone

Navigate to My Profile page or User Page.

Then go to the Access Key tab:

Click Generate Access Key:

This will generate an Access KeyId and link to show the accessKey secret:

Click show secret:

Warning Note: this will be the only time you can get the access key secret.

Save the access key and secret locally.

3. Generate Token for Domain

To generate a token using the “accessKeyId” and “accessKeySecret” obtained in the previous task, invoke this endpoint:

https://na1.nice-incontact.com/authentication/v1/token/access-key

Your POST request should contain:

Header: Content-Type: application/json
Body:

    {     
    "accessKeyId": "{accessKeyId from step 2}",
    "accessKeySecret":"{accessKeySecret from Step 2}"
    }

This request will generate the following:

    Response Body: {
    "access_token": "string",
    "token_type":"string",
    "expires_in": "long",
    "refresh_token": "string",
    "refresh_token_expires_in": "long",
    "id_token":"same as access token"
    }

From this point the ACD APIs methods listed on https://developer.niceincontact.com/API are available to invoke with the access token provided in the response. The remaining access key management APIs to update, delete or return a list of access keys will be documented on the developer portal.

4. Refresh Token

To refresh a token, you must invoke the token refresh API endpoint:

https://na1.nice-incontact.com/public/user/refresh

This will generate a bearer token and a refresh token.

Your POST request should contain:

Header: Content-Type: application/json
JSON RequestBody:

    {
    "token": "{refresh_token value from original token response in Step 2}"
    }

This request will generate the following:

   { 
    Response: 200 success
    Body: {    
        "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9….”
        "tokenExpirationTimeSec": 3600,
        "refreshToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9…. ",
        "refreshTokenExpirationTimeSec": 0,
        "sessionId": null
        }
    }