What’s the correct approach for generating the Web Messaging Guest API ephemeral tokens via the REST endpoint without overriding the Admin UI settings? We’re routing everything through the standard platform defaults, but the Node.js handler throws a 400 BAD REQUEST when the payload hits /api/v2/messaging/guesttokens. The MESSAGING GATEWAY validation pipeline chokes on the EXPIRATION MATRIX once it crosses the maximum TOKEN LIFETIME threshold. PERMISSION SCOPE directives never match the GUEST ID references. We’ve wired up the atomic POST operation, yet the automatic cryptographic signing triggers skip the signature integrity checking step. Callback handlers for the EXTERNAL CHAT CLIENT SDKS drop the token events. AUDIT LOGS show zero authentication success rates. Latency tracking is pointless. Request drops anyway. Here’s the exact JSON structure that breaks the flow:
{
"guestId": "ext-guest-8842",
"expirationSeconds": 7200,
"permissions": [
"messaging:guest:send",
"messaging:guest:read"
],
"metadata": {
"source": "node-generator",
"auditFlag": true
}
}