Glance Authorization Service

Authorization Token

All agent side requests to the Presence Service carry an Authorization Token which can be obtained from the Glance Web Service. Glance uses the JSON Web Token (JWT) standard for creating, signing, and verifying authorization tokens.

A valid JWT:

  • Guarantees that the agent has been authenticated by Glance.

  • Indicates the specific privileges that the agent has.

If an agent is a member of multiple groups, bear in mind that the token is always group specific. To carry out an API operation in a particular group, the agent needs an Authorization Token for that specific group.

NOTE: Authorization is resource intensive. To prevent performance problems, reauthorize only when the previously issued token expires. See the Presence Security Whitepaper for additional information on the Authorization Token.

Glance Authorization Service Web Service

An authorization token may be obtained server side using the Glance Authorization Service SOAP or REST API.

Providing the Authorization Token to the GLANCE Javascript APIs

The Authorization Token may be specified in metadata by adding the HTML attribute:

data-authtoken="[authorizationtoken]" to the cobrowsescript element.

The Authorization Token must appear on every page which makes API calls that require a token.

Alternatively, you can call GLANCE.Authorization.setToken(), documented below.

GLANCE.Authorization Javascript API
GLANCE.Authorization.authorize(params)

params object:

{
 webserver: [optional, defaults to www.glance.net],
 service : "presence", groupid : [group id],
 credentials: { username: [Glance account username],
 password: [Glance account password],
 gssnid: [Glance website session id],
 partnerid: [Partner id, usually same as groupid],
 partneruserid: [Partner user id],
 loginkey: [Login key signed with secret api key],
 g4scredentials : [Glance for Salesforce credentials] },
 duration : [duration of the authorization token in minutes 1-120],
 onsuccess:
 function() {},
 onfail: function(reason) {}
}

All credential properties are optional, but one of the following must be specified:

  • username and password
  • username and g4scredentials
  • username and loginkey
  • gssnid
  • partnerid, partneruserid, loginkey

A reason code is passed to the callback function on failure.

When authorizing client-side using the GLANCE.Authorization API, Glance caches the authorization token in local storage and reuses it; subsequent calls to GLANCE.Authorization.authorize() will call onsuccess() immediately. To force a new token to be obtained, call clearToken() first.

GLANCE.Authorization.setToken(token)

Use setToken if the authorization token is obtained server side and is passed via JavaScript.

GLANCE.Authorization.clearToken()

Clears the token, which may have been cached in local storage.

By continuing to use the site, you agree to the use of cookies. Learn More