Your App's LifeCycle

This page provides a comprehensive view of app or service lifecycle. Depending on your situation, not everything explained here might pertain to your solution. However, you can understand the general lifecycle.

Registration

When you are ready to build your integration, you start with the registration process. To register your app, you must complete a form linked on the Getting Started page. This provides NICE with the configuration details of what you plan to build, technical points of contact in your organization, and so forth. NICE processes your registration and provides you the necessary information for you to set up your app's authentication, like a client_secret and client_id. NICE also provides a tracking number for your registration. To ensure timely and quality support, include this tracking number with any email communications with NICE.

After you submit your registration, you receive a response that includes your app registration information. Application secrets are sent securely. NICE typically takes 2-3 business days to process a registration. If you don't receive a response within this time frame:

  • Check your email spam folder.
  • Email DEVone Support at devonesupport@nice.com.

CORS updates can take up to three weeks. You can work around this by disabling CORS checks in your browser while the origin request processes.

The following table explains technical configuration details that you must provide in your registration form. The form includes other pieces of information not explained here, like a name for your app.

FIELD DETAILS
Business Unit Your organization's CXone business unit (BU) number. If you have multiple business units, you must provide the BU number of your organization's primary BU. For example, DEVone partners have a primary BU in addition to any of their customers' BUs. You can find your BU number in CXone:
  1. In CXone, click the app selector and select ACD.
  2. Go to ACD Configuration > Business Units.
  3. Locate the Unit Number in the Details tab.

If you have questions on which BU number to use, contact your CXone Account Representative.

Technical Contacts Personnel in your organization who are the points of contact for your integration. CXone sends notifications about your app to these addresses, including app registration details. NICE may also periodically contact these personnel to ensure that the email addresses are still active.
Tenancy

Indicate whether your integration will authenticate users for a single tenant or multiple tenants.

If you’re building an application that will be used by multiple tenants or customers, you must select Multiple Tenants.

Tip
This app registration process provides you with a client_id and client_secret. The secret and ID are unique to your application and should be used for all authentication calls within the environment they’re issued.
CXone Environments

If you selected Multiple Tenants for the tenancy, you must indicate whether your app will be used for a government environment.

If you selected Multiple Tenants for the tenancy, you must indicate which environments your application will support. For each environment your app will be registered in, NICE provides a set of credentials.

Authentication Method

Indicate which OAuth2.0 method your integration will use. The main distinction between the options is that with client_secret_jwt, you're providing the information packaged as a JWT instead of JSON body parameters.

  • client_secret_post
  • client_secret_basic
  • client_secret_jwt

Refer to the OAuth2.0 specification to find out which option to choose. You can also refer to the authentication overview for more information.

Origins

If you plan to build User: Public or User: Confidential application types, enter a list of locations where the application runs.

By default, CXone API servers block API calls coming from origins, or applications, that are not pre-approved. This causes failures even if the request is valid. CXone uses Cross-Origin Resource Sharing (CORS) for security. Ensure that you provide a comprehensive list of origins to prevent blocked requests.

Scope You must identify which groups of APIs your app will use. This is only relevant if you're using Central CXone.
Application Type NICE categorizes your app in one of three categories: Back-End, User: Public, or User: Confidential. The majority of integrations are back-end apps. The authentication overview provides more explanation on these three categories and the type of authentication you must use.

Deploy Your App to Production

This section provides best practices for deploying your app to production.

  • Create an API user. Your app uses the credentials of a CXone user account for authentication. The settings of this account also pertain to your app. For example, the CXone permissions and limitations applied to the account therefore apply to your app. Create the user with the following details:
    • If you created a back-end app and implemented standard OAuth authentication, do not assign a login authenticator. You do not want to allow the account to go through a login flow.
    • Create a unique role for this user. Only assign permissions for the specific access your app needs or the features it must access. This must be the account's primary role.

Update Your App

This section refers to making configuration updates to your app. As part of your registration, you determined many configuration details around authentication methods, tenancy and so forth. Some of these details of your app cannot be changed. For example, you cannot change your application type from public to confidential.

To update your app, complete the same form that you filled out during the registration process.

Configuration Detail Can be changed Reason or UseCase
Application Identifier(client_id) No This is directly tied to implementation.
Application Secret (client_secret) Yes Multiples are supported, therefore secrets can be rotated or removed for security purposes.
Tenancy Yes Update as needed.
Tenant Identifier No Established during registration and cannot be changed.
Application Name and Description Yes Update as needed.
Technical Contacts Yes Update as needed.
Application Type No This is directly tied to implementation.
Application Redirects Yes Tied to implementation but can change over time.
Application Origins Yes Tied to implementation but can be changed over time.
Application Origins Yes Tied to implementation but can be changed over time.
Authentication Method No Tied to Implementation
jwksEndpoint Yes Single value but can be updated.
Logout Redirect Yes Update as needed.
Scope Yes Update as needed.

List Your App in the Marketplace

This is an optional step that may not apply to you.

If you'd like to sell your app or service, you can list it in the CXexchange Marketplace. The CXexchange is like an online store that lets customers shop for apps or services. You can create a product listing to advertise your app's capabilities and details. Just like any online shop, customers can compare different apps, watch demos, write reviews, and so forth. You must be a DEVone partner in order to list your app.

Contact your CXone Account Representative about the CXexchange. Before listing your app in the CXexchange, you must go through an approval process. This includes completing steps like a technical review of your app.

Delete Your App

Deleting your app is a two-step process.

  1. Disable your app. This lets you revert the decision if necessary.
  2. Contact your CXone Account Representative with the list of issuers for your app and its client_id. Work together to determine any outstanding requirements for deleting your app, like removing it from the CXexchange Marketplace.

After an average of two weeks, your application will be permanently deleted. NICE will also email you confirmation.