eGain REST APIs use the OAuth 2.0 authorization framework to ensure secure access. Before making API requests, you must obtain an access token to prove your application has the necessary permissions.
The authentication process consists of four high-level steps:
- Register a Client Application: Log in to the eGain Administration Console to create a client application. This generates your Client ID and Client Secret.
- Find your API Metadata: Access the Metadata button on your application page to find the specific Authorization and Token URLs for your instance.
- Obtain a Token: Choose an Authentication Flow based on your integration type:
  - For Users/Customers: Use the Authorization Code or PKCE flow. The PKCE flow is a security-enhanced version of the Authorization Code flow.
  - For Anonymous Customer: Use the Anonymous Customer flow.
  - For Server-to-Server: Use the Client Credentials flow.
  - For Server On Behalf Of User/Customer: Use the On-Behalf-Of flow.
  - For External Identity: Use the Token Exchange flow.
- Call the API: Include the token in the HTTP `Authorization` header as a Bearer token.
After completing these steps, you can call the APIs by sending the generated access token as a Bearer token in the `Authorization` header.
| Requirement | Description |
|---|---|
| Protocol | OAuth 2.0 |
| Header | Authorization: Bearer <access_token> |
| Token Domain | https://ai.egain.cloud/ |
| API Domain | https://api.ai.egain.cloud/ |
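
The PKCE part of the flow and the final Bearer header, sketched in Python as an added example (not eGain's code). The authorization URL, client ID and redirect URI are placeholders for the values shown by your application's Metadata button, and the parameter names are the standard OAuth 2.0 / RFC 7636 ones, assumed here to match what your instance expects.

```python
import base64
import hashlib
import secrets
from urllib.parse import urlencode

# Placeholders (assumptions): replace with the values from your Metadata page.
AUTHORIZATION_URL = "https://example.invalid/authorize"
CLIENT_ID = "YOUR_CLIENT_ID"
REDIRECT_URI = "https://app.example.invalid/callback"


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def new_code_verifier() -> str:
    """32 random bytes give a 43-character verifier (RFC 7636 allows 43-128)."""
    return b64url(secrets.token_bytes(32))


def code_challenge(verifier: str) -> str:
    """S256 challenge: BASE64URL(SHA256(ASCII(verifier)))."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def authorization_request(verifier: str, state: str) -> str:
    """URL the browser is sent to; only the challenge leaves the client."""
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": state,  # random per request; compare on the callback
        "code_challenge": code_challenge(verifier),
        "code_challenge_method": "S256",
    }
    return AUTHORIZATION_URL + "?" + urlencode(params)


def token_request_body(code: str, verifier: str) -> dict:
    """Form fields POSTed to the Token URL; the verifier proves who began the flow."""
    return {"grant_type": "authorization_code", "code": code,
            "client_id": CLIENT_ID, "redirect_uri": REDIRECT_URI,
            "code_verifier": verifier}


def bearer_header(access_token: str) -> dict:
    """Header sent with every API call once a token has been issued."""
    return {"Authorization": f"Bearer {access_token}"}
```

Keep the verifier in server-side or in-memory session state until the token exchange, and generate a fresh verifier and `state` for every authorization attempt.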