Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
8
Helpful
5
Replies

Webex app access and refresh tokens

Go to solution
aalejo
Level 5
Level 5

‎03-21-2024 06:44 AM

Dear Community
Webex app when register into  CUCM ( Webex Unified CM Calling) uses CUCM refresh/access tokens. We can see refresh token on Expressways/CUCM). Those tokens have a policy that is rule by CUCM OAuth token policy. At the same time Webex Hub has a separate policy for refresh/access tokens for all Webex app applications.

 What tokens are in use, CUCM or Webex Hub? How they interact to each other?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame
In response to aalejo

‎03-25-2024 09:18 AM

Thanks @Roger Kallberg for sharing this very welcome news! 

I see it in the CUCM 15 Release Notes: Automatic Renewal of Refresh Token for Webex Clients.

And yes @aalejo, separate tokens are issued & used by Webex Common Identity and CUCM.

View solution in original post

5 Replies 5

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎03-22-2024 03:04 AM

The OAuth implementations of Webex Control Hub & CUCM/CUC/Expressway are independent of one another. The Webex app will always use tokens with WCH. If enabled on CUCM/CUC/Expressway it will also use those tokens. WCH are not used to fetch CUCM tokens. The app must authenticate to CUCM - ideally via the same SAML IdP as WCH so it appears seamless to the user - to get those tokens. And unlike WCH, CUCM does not allow the app to renew its refresh token automatically. The user must re-auth when it expires.

Go to solution
Roger Kallberg
VIP
VIP
In response to Jonathan Schulenberg

‎03-22-2024 03:45 AM - edited ‎03-22-2024 03:46 AM

For the CM part not renewing its refresh token automatically this is no longer the case as of v15 or both CM and Expressway.

image.png

https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/release_note/X15-0-x/Cisco-Expressway-and-Cisco-Expressway-Select-Release-Note-X15-0-x.pdf



Response Signature


Go to solution
aalejo
Level 5
Level 5
In response to Roger Kallberg

‎03-25-2024 05:48 AM

Hey Roger

I did see this release notes but it was mentioned MRA over expressway. I don't found the CUCM release notes were this is mentioned.

0 Helpful

Go to solution
aalejo
Level 5
Level 5
In response to Jonathan Schulenberg

‎03-25-2024 05:45 AM

Hey Jonathan

Thanks for your answer!. If Webex CUCM Call environment , webex app register to cloud AND to CUCM. Are you saying that on register to cloud it uses a sets of tokens and on register to on-prem CUCM uses another set of tokens?

0 Helpful

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame
In response to aalejo

‎03-25-2024 09:18 AM

Thanks @Roger Kallberg for sharing this very welcome news! 

I see it in the CUCM 15 Release Notes: Automatic Renewal of Refresh Token for Webex Clients.

And yes @aalejo, separate tokens are issued & used by Webex Common Identity and CUCM.

Customers Also Viewed These Support Documents