APIs
XML API DeprecationGetting StartedREST API BasicsComplianceWebhooksWebex APIs
Admin
Calling
Contact Center
Devices
Meetings
Messaging
Webex Assistant Skills
FedRAMP
Full API Reference
API Changelog

Authorizations

Admin API. You need full or user level admin privileges to call this API

Authorizations are user grants to applications to act on their behalf. Authorizations are how Integrations get authorized with specific access scopes in the oAuth client life-cycle. Developer Integrations and some of the service portals, like the developer.webex.com portal, are all oAuth clients.

In this API an authorization is synonynous with a token.

The app developer receives a refresh and an access token through the oAuth process, which they will use to call the APIs for which the user authorized the scopes. While access tokens expire fairly frequently, refresh tokens - when being regularly used - will be refreshed to last forever.

To provide admins with fine-grained token management control you use the authorizations API with the DELETE method to revoke access and refresh tokens.

Deleting a refresh token will revoke all associated access tokens as well. Deleting an access token will revoke the developers ability to call the APIs with it. Webex subsystems may cache the validity of the token for a short while longer after the authorization was deleted.

Admins will be able to revoke user authorizations for users in their org.

To use the authorizations API in an Integration the scopes must include: identity:tokens_write,identity:tokens_read

Method
Description
List authorizations for a user
GETList authorizations for a user