FAQ

General API Questions

Where do I go to start learning about NICE CXone APIs?

The best place to start is by reading the Getting Started tutorial from the Documentation section.

How can I register an API application with NICE CXone?

Application registration is covered click here

What is the difference between the 200 and 202 return codes?

A 200 return code means that a synchronous request was completed successfully. A 202 return code means that an asynchronous action request completed successfully but further action should be done by the client to complete the final status.

Why are all of the JavaScript code examples written using jQuery?

jQuery was chosen as a good way to provide an easy to understand example that can be used to better understand how the method functions.

What causes a "401 Client application 'application_name@vendor' not authorized for user" error to be returned?

Typically this indicates that you have not sent the correct credentials or application name. Double check your inputs and compare with the API Application registered in Central to verify you are sending the correct names.

OAuth2 Authorization Questions

Does the NICE CXone authorization service support OAuth 2?

Yes, CXone authorization is based on OAuth 2 and OpenID Connect. For user authentication the authorization code method is used, for back-end integrations the resource owner password method is used.

What authorization type should I choose for my application?

Applications that provide a user interface must use the authorization code method. Back-end integrations that do not have a user interface must use the resource owner password method.

What should I do when I receive a “token expired” response?

Each token contains an expiration period in the response. Before that expiration time new tokens must be obtained. There is a refresh flow available that is documented here.

Does the NICE CXone API authorization service support all OAuth2 "grant types"?

In the current version of the NICE CXone API Framework, only the Implicit, Password and Client OAuth "grant types" are supported. Support for the Authorization Code grant type will be added in a future release.

What authorization type should I choose for my application?

Each supported OAuth2 grant type is designed for optimal security and usability of specific types of applications:
Implicit : Best for browser client applications or web applications that run on a server.
Password : Best for applications that are not web-based.
Client : Best for applications that do not access resources for a specific authenticated user.
For more specific information on tokens, see the GettingStarted tutorial for details.

What should I do when I receive a "token expired" response?

Password and Client tokens are generally set to expire after an hour. When a token has expired, using the token with an API call will generate an error. Your application must then re-request a new token. This can be done by sending the authorization key again (for the Password and Client grant types), or by using a refresh_token to request a new API token (for the Implicit grant type). The refresh_token is provided with the API token when the API token is initially granted. Your application can store the refresh token for use when it is notified by the NICE CXone API Framework that your API token has expired. To learn more, see the Getting Started tutorial.

Why would I get "403 Forbidden" return code when using a valid token?

This can occur when you are using "Client" authentication type to call APIs that require an "Implicit" or "Password" authentication type.

Agent API Questions

Why do I get a '409 Conflict' error when dealing with an agent session?

When you attempt to start a session for a user that already has an active session, or end a session that has already been ended, the API will return an error code (409 Conflict).

When I join an existing session, will I get the same sessionId?

No. When any device or application joins running session it receives a unique identifier for that session.

What will happen if a session which has other joined applications ends?

All events for a running session are available to every joined application or client so the session would end for all connected applications.

How can I make sure that my request to change a system resource state was completed?

All state changes will trigger an event to indicate that the state has been changed. See the Using events tutorial to learn more about how events can be used.

Why do I get a different sessionId every time I get each new event?

Your sessionId contains a timestamp that tells the system the last time you got events. This is used to keep the platform and client applications in sync.