I’m building a C# backend service that needs to pull interaction metrics and agent performance data for our internal reporting dashboard. The goal is to have a reliable, automated way to fetch this data every hour without any user interaction.
I’ve been looking at the OAuth documentation and I’m trying to decide between the Client Credentials grant and the Authorization Code grant.
Here is my current setup using the Genesys Cloud SDK for C#:
var auth = new Authentication();
auth.Initialize("https://api.mypurecloud.com");
var credentials = new ClientCredentials("clientId", "clientSecret");
auth.SetCredentials(credentials);
My concern is about the scope of access. The Client Credentials grant seems simpler to implement since I just need the client ID and secret. However, I’ve read that it might not have access to all user-specific data or certain protected resources.
On the other hand, the Authorization Code grant requires a user to log in, which doesn’t make sense for a backend service that runs on a schedule.
What is the recommended approach for a server-to-server application that needs to read historical interaction data? Should I stick with Client Credentials and request the necessary scopes, or is there a better pattern I’m missing? I don’t want to hit a wall later with permission errors.