Building a distributed tracing bridge for multi-tenant BPOs. Need to restrict OAuth clients to specific divisions so our OpenTelemetry collector only picks up relevant spans.
Tried updating the client via PATCH /api/v2/oauth/clients/{id} with a divisionId in the body. Genesys Cloud ignores it. The client stays global.
{
"name": "otel-tracer-bpo-1",
"divisionId": "d-12345",
"grantTypes": ["client_credentials"]
}
Response is 200 OK but divisionId reverts to null in the GET response. Documentation mentions division scoping for resources, not clients. Is there a specific endpoint or a hidden field?
Checked the CXone docs too. POST /oauth2/token doesn’t seem to accept division parameters. Using the Python SDK genesyscloud.oauth.Client methods. Nothing jumps out for scoping.
If I can’t scope the client, I’ll have to filter spans on the backend. But that’s inefficient. We’re processing millions of events.
Any pointers on how to actually lock down the client to a division? Or is this a platform limitation?