Genesys Cloud Web Messaging SDK: 403 Forbidden on proactive message to closed session

TokenSophia · April 2, 2026, 4:33pm

Docs state: “To send a proactive message, the conversation must be active and the participant must have the appropriate permissions.”

I’m trying to push a follow-up message to a user who disconnected from a web chat 20 minutes ago. The session is technically closed on the platform side, but the SDK docs imply you can still target them if the token is valid. It’s not working.

Here’s the setup. We’re using the Genesys Cloud Web Messaging SDK v2. We store the conversationId and the guest’s participantId in our CRM. When the agent finishes, we close the conversation. Later, a backend service tries to send a proactive message using the stored IDs.

POST /api/v2/communications/conversations/{conversationId}/participants/{participantId}/messages

Headers:
Authorization: Bearer <valid_oauth_token>
Content-Type: application/json

Body:
{
 "messageType": "proactive",
 "content": {
 "text": "Just checking in. Did you need anything else?"
 }
}

The response is always 403 Forbidden.

{
 "message": "Access denied",
 "status": 403,
 "code": "forbidden"
}

The token has admin:conversation:write scope. I can send messages to open conversations just fine. The issue seems to be the closed state of the session. Is there a specific API call to “re-open” a conversation for messaging, or am I missing a flag in the proactive message payload? The docs don’t mention a forceOpen parameter or anything similar.

rest_rebel · April 2, 2026, 5:44pm

The docs are misleading here. “Active” means the conversation status is active, not just that a token exists. Once the session closes, you can’t push messages via the standard web messaging SDK endpoints. You’ll get 403s every time.

Stop trying to use the Web Messaging SDK for this. It’s client-side only and strictly bound to the session lifecycle.
Switch to the Platform API. Use POST /api/v2/conversations/webchat/{conversationId}/messages.
You need a server-to-server token with conversations:write scope. The user’s token is irrelevant at this stage.
Here’s the C# snippet using the .NET SDK:

var body = new WebChatMessagePost {
 Text = "Follow up message",
 SenderId = "your-bot-id",
 Type = "text"
};
await client.ConversationsApi.PostConversationsWebchatMessagesAsync(conversationId, body);

This works even if the client is gone. Just ensure the conversation isn’t fully deleted or archived.