Setting up integration permissions in Genesys Cloud

The Mindful Feedback integration with Genesys Cloud allows Mindful Feedback to access certain information within Genesys. Genesys Cloud's OAuth scopes for applications provide a secure method for granting apps like Mindful Feedback access to specific information within Genesys Cloud, all while ensuring that the app doesn't gain access to login credentials or unrestricted access to all user resources. This article outlines the required permissions for the Mindful Feedback integration and how to configure those permissions.

Setting Up Integration Permissions

A user with the Master Admin role is required to install the Mindful Feedback (Survey Dynamix) integration. During the installation, the Mindful Feedback (or Survey Dynamix) Client Credentials OAuth Client will inherit the Master Admin permissions. Mindful Feedback does not need this level of permissions and this document will outline how to reduce the permissions available to Mindful Feedback after installation.

Note:
  • Please ensure that Mindful Feedback is installed before performing the below steps.
  • These steps are optional (but recommended) and only need to be performed if your organization prefers to limit the permissions of third-party apps such as Mindful Feedback.

Create the Mindful Feedback App Role

Follow the instructions below in order to reduce the permissions assigned to the Mindful Feedback Client Credentials OAuth Client after initial installation.

Quick access: Admin > People & Permissions > Roles/Permissions

  • From the Roles/Permissions page, click the Add Role button.
  • Give the role the name of "Mindful Feedback App" or something similar.
  • On the Permissions tab of the role, search for and add the permissions that are shown below:

Screen capture of Required permissions

Note:

These permissions are the base required permissions for the Mindful Feedback App after it has already been installed. However, in some cases, you will want to add more permissions to this role depending on if you wish to utilize API capability through an HTTP POST event using PureCloud authentication in a survey's Triggers/Events. For example, if you wanted to add a record to an Outbound Contact List directly from an event in Mindful Feedback, then you would need to add:

  • ANY outbound:contact:add
  • Click the Save button.
  • Assign this new role to yourself so that you will then be able to assign the role to the Client Credentials OAuth Client in the next steps.

Update the Mindful Feedback Client Credentials OAuth Client

Quick access: Admin > Integrations > OAuth

  • From the OAuth page, locate the Mindful Feedback (or Survey Dynamix) Client Credentials OAuth client. The screenshot below will show you the key indicators for this client:

Screen capture of Client Details for OAuth

  • Click on the Roles tab. The roles shown below correspond with the roles associated with the user when Mindful Feedback was installed in PureCloud. Screen capture of Roles page
  • Turn OFF the toggle for all the roles shown in this tab and turn ON the Mindful Feedback (Survey Dynamix) App role created earlier. Note that this role is not shown in the screenshot above.
  • Click the Save button.
Note: If you use Divisions, please ensure that the Mindful Feedback (Survey Dynamix) App role has access to all the required Divisions (ie; where the queues, wrap-ups, and users exist that are involved in Survey Mappings, etc).