Streaming dynamic IVR menu options based on user profile attributes using the Genesys Cloud Call Control API and a Node.js media server
What You Will Build
- Build a Node.js media server that retrieves customer profile attributes from Genesys Cloud and streams personalized IVR prompts via the WebSocket-based Call Control API.
- Uses the Genesys Cloud REST Profiles API for attribute retrieval and the Call Control WebSocket API for real-time audio streaming and DTMF capture.
- Covers Node.js with native
fetch, thewspackage, and async/await patterns.
Prerequisites
- OAuth client type:
confidentialwith grant typeclient_credentials. Required scopes:profile:read,callcontrol:inbound,callcontrol:media. - API version:
v2(Call Control WebSocket and Profiles REST endpoints). - Runtime: Node.js 18 or higher (required for stable native
fetchand modern WebSocket support). - External dependencies:
ws(WebSocket client),dotenv(environment variable management). Install vianpm install ws dotenv.
Authentication Setup
Genesys Cloud uses OAuth 2.0 for all API access. Media streaming and profile retrieval require a bearer token with explicit scopes. The Call Control API validates scopes at the WebSocket handshake stage, and missing scopes result in immediate connection termination.
The following function implements a token fetcher with in-memory caching and automatic refresh. It handles 401 responses by forcing a cache invalidation, and it implements exponential backoff for 429 rate limits.
const fetch = require('node-fetch');
const GENESYS_BASE_URL = process.env.GENESYS_BASE_URL || 'https://api.us-east-1.mypurecloud.com';
const CLIENT_ID = process.env.CLIENT_ID;
const CLIENT_SECRET = process.env.CLIENT_SECRET;
let tokenCache = {
accessToken: null,
expiresAt: 0
};
async function getAccessToken() {
const now = Date.now();
if (tokenCache.accessToken && now < tokenCache.expiresAt) {
return tokenCache.accessToken;
}
const tokenUrl = `${GENESYS_BASE_URL}/oauth/token`;
const params = new URLSearchParams({
grant_type: 'client_credentials',
client_id: CLIENT_ID,
client_secret: CLIENT_SECRET,
scope: 'profile:read callcontrol:inbound callcontrol:media'
});
let attempts = 0;
const maxAttempts = 3;
const baseDelay = 1000;
while (attempts < maxAttempts) {
try {
const response = await fetch(tokenUrl, {
method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
body: params
});
if (response.status === 401) {
tokenCache.accessToken = null;
throw new Error('OAuth 401: Invalid client credentials or region mismatch.');
}
if (response.status === 429) {
attempts++;
const retryAfter = response.headers.get('Retry-After') || Math.pow(2, attempts);
console.log(`OAuth 429 rate limited. Retrying in ${retryAfter} seconds...`);
await new Promise(resolve => setTimeout(resolve, retryAfter * 1000));
continue;
}
if (!response.ok) {
const errorBody = await response.text();
throw new Error(`OAuth failed with status ${response.status}: ${errorBody}`);
}
const data = await response.json();
tokenCache.accessToken = data.access_token;
tokenCache.expiresAt = now + (data.expires_in * 1000) - 5000; // 5 second buffer
return tokenCache.accessToken;
} catch (error) {
if (attempts === maxAttempts - 1) throw error;
attempts++;
await new Promise(resolve => setTimeout(resolve, baseDelay * Math.pow(2, attempts)));
}
}
}
Implementation
Step 1: Fetch User Profile Attributes
Genesys Cloud stores customer data in the Profiles API. You retrieve attributes using an external identifier that matches the inbound caller ID or a CRM reference. The endpoint returns a JSON payload containing key-value pairs, timestamps, and metadata. You must handle 404 responses when a profile does not exist, and you must cache results to avoid unnecessary API calls during a single call session.
async function fetchUserProfile(externalId, token) {
const profileUrl = `${GENESYS_BASE_URL}/api/v2/profiles/external/${encodeURIComponent(externalId)}`;
const response = await fetch(profileUrl, {
method: 'GET',
headers: {
'Authorization': `Bearer ${token}`,
'Accept': 'application/json'
}
});
if (response.status === 401) {
tokenCache.accessToken = null;
throw new Error('Profile fetch 401: Token expired. Refresh required.');
}
if (response.status === 404) {
return null; // Profile does not exist
}
if (response.status === 429) {
const retryAfter = response.headers.get('Retry-After') || 2;
await new Promise(resolve => setTimeout(resolve, retryAfter * 1000));
return fetchUserProfile(externalId, token);
}
if (!response.ok) {
const errorBody = await response.text();
throw new Error(`Profile fetch failed: ${response.status} ${errorBody}`);
}
return await response.json();
}
Step 2: Establish Call Control WebSocket Connection
The Call Control API uses a persistent WebSocket connection for media streaming. The server requires a specific JSON handshake message containing the callControlId, media type, and capabilities array. Genesys validates the callControlId against an active inbound call and checks the bearer token against the required scopes. The server responds with a connected event containing a callControlId confirmation and session metadata.
const WebSocket = require('ws');
async function connectCallControl(callControlId, token) {
const wsUrl = `${GENESYS_BASE_URL.replace('https://', 'wss://')}/api/v2/callcontrol/websocket`;
const ws = new WebSocket(wsUrl, {
headers: {
'Authorization': `Bearer ${token}`,
'Accept': 'application/json'
}
});
return new Promise((resolve, reject) => {
ws.on('open', () => {
const connectMessage = {
callControlId: callControlId,
media: 'audio',
capabilities: ['play', 'dtmf', 'transfer', 'hangup']
};
ws.send(JSON.stringify(connectMessage));
});
ws.on('message', (data) => {
const message = JSON.parse(data.toString());
if (message.event === 'connected') {
resolve(ws);
} else if (message.event === 'error') {
reject(new Error(`Call Control connection error: ${message.message}`));
ws.close();
}
});
ws.on('error', (error) => reject(error));
// Timeout after 10 seconds
setTimeout(() => {
ws.close();
reject(new Error('Call Control WebSocket connection timed out.'));
}, 10000);
});
}
Step 3: Stream Dynamic IVR Prompts & Handle DTMF
Once the WebSocket is connected, you stream audio using the play command. Genesys Cloud accepts publicly accessible MP3 or WAV URLs, or signed URLs for private storage. You map profile attributes to menu options, then send sequential play messages. The server emits dtmf events when the caller presses keys. You must parse these events, match them to your dynamic menu logic, and route accordingly. The following function demonstrates prompt streaming and DTMF handling with proper message formatting and error recovery.
const AUDIO_BASE_URL = 'https://example.com/ivr/audio/';
function buildDynamicMenu(profile) {
if (!profile) {
return [
{ key: '1', prompt: 'general_welcome.mp3', action: 'transfer_sales' },
{ key: '2', prompt: 'general_support.mp3', action: 'transfer_support' },
{ key: '0', prompt: 'general_operator.mp3', action: 'transfer_operator' }
];
}
const isPremium = profile.attributes?.membership_level === 'premium';
const hasOpenTickets = profile.attributes?.open_tickets > 0;
const menu = [];
if (isPremium) {
menu.push({ key: '1', prompt: 'premium_priority.mp3', action: 'transfer_premium' });
}
if (hasOpenTickets) {
menu.push({ key: '2', prompt: 'ticket_status.mp3', action: 'play_ticket_info' });
}
menu.push({ key: '0', prompt: 'general_operator.mp3', action: 'transfer_operator' });
return menu;
}
async function streamDynamicIVR(ws, profile, callControlId) {
const menu = buildDynamicMenu(profile);
ws.on('message', (data) => {
const message = JSON.parse(data.toString());
if (message.event === 'dtmf') {
const pressedKey = message.digit;
const selection = menu.find(item => item.key === pressedKey);
if (selection) {
console.log(`Caller selected: ${selection.action}`);
ws.send(JSON.stringify({
callControlId: callControlId,
action: 'play',
audio: `${AUDIO_BASE_URL}selection_confirmed.mp3`,
dtmf: { enabled: false } // Disable further DTMF after selection
}));
setTimeout(() => {
ws.send(JSON.stringify({
callControlId: callControlId,
action: 'transfer',
target: `ext:${selection.action}`,
type: 'number'
}));
ws.close();
}, 2000);
} else {
ws.send(JSON.stringify({
callControlId: callControlId,
action: 'play',
audio: `${AUDIO_BASE_URL}invalid_selection.mp3`,
dtmf: { enabled: true }
}));
}
} else if (message.event === 'media') {
// Audio chunks arrive here. For IVR prompt streaming, we typically ignore raw RTP/PCMA packets
// unless implementing custom mixing or recording. The server handles playback natively.
} else if (message.event === 'hangup') {
console.log('Call ended by Genesys platform.');
ws.close();
}
});
// Stream each menu option sequentially
for (const item of menu) {
const playMessage = {
callControlId: callControlId,
action: 'play',
audio: `${AUDIO_BASE_URL}${item.prompt}`,
dtmf: { enabled: true, keys: menu.map(m => m.key) }
};
ws.send(JSON.stringify(playMessage));
}
}
Complete Working Example
The following script combines authentication, profile retrieval, WebSocket connection, and dynamic IVR streaming into a single executable module. Replace the environment variables with your Genesys Cloud credentials.
require('dotenv').config();
const WebSocket = require('ws');
const GENESYS_BASE_URL = process.env.GENESYS_BASE_URL || 'https://api.us-east-1.mypurecloud.com';
const CLIENT_ID = process.env.CLIENT_ID;
const CLIENT_SECRET = process.env.CLIENT_SECRET;
const AUDIO_BASE_URL = process.env.AUDIO_BASE_URL || 'https://example.com/ivr/audio/';
let tokenCache = { accessToken: null, expiresAt: 0 };
async function getAccessToken() {
const now = Date.now();
if (tokenCache.accessToken && now < tokenCache.expiresAt) return tokenCache.accessToken;
const params = new URLSearchParams({
grant_type: 'client_credentials',
client_id: CLIENT_ID,
client_secret: CLIENT_SECRET,
scope: 'profile:read callcontrol:inbound callcontrol:media'
});
try {
const response = await fetch(`${GENESYS_BASE_URL}/oauth/token`, {
method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
body: params
});
if (!response.ok) {
const errorText = await response.text();
throw new Error(`OAuth failed: ${response.status} ${errorText}`);
}
const data = await response.json();
tokenCache.accessToken = data.access_token;
tokenCache.expiresAt = now + (data.expires_in * 1000) - 5000;
return tokenCache.accessToken;
} catch (error) {
console.error('Authentication error:', error.message);
throw error;
}
}
async function fetchUserProfile(externalId, token) {
const response = await fetch(`${GENESYS_BASE_URL}/api/v2/profiles/external/${encodeURIComponent(externalId)}`, {
method: 'GET',
headers: { 'Authorization': `Bearer ${token}`, 'Accept': 'application/json' }
});
if (response.status === 404) return null;
if (!response.ok) throw new Error(`Profile fetch failed: ${response.status}`);
return await response.json();
}
function buildDynamicMenu(profile) {
const menu = [];
if (profile?.attributes?.membership_level === 'premium') {
menu.push({ key: '1', prompt: 'premium_priority.mp3', action: 'transfer_premium' });
}
if (profile?.attributes?.open_tickets > 0) {
menu.push({ key: '2', prompt: 'ticket_status.mp3', action: 'play_ticket_info' });
}
menu.push({ key: '0', prompt: 'general_operator.mp3', action: 'transfer_operator' });
return menu;
}
async function runIVRSession(callControlId, externalId) {
try {
const token = await getAccessToken();
const profile = await fetchUserProfile(externalId, token);
console.log(`Profile loaded for ${externalId}:`, profile ? 'Found' : 'Not found');
const wsUrl = `${GENESYS_BASE_URL.replace('https://', 'wss://')}/api/v2/callcontrol/websocket`;
const ws = new WebSocket(wsUrl, {
headers: { 'Authorization': `Bearer ${token}`, 'Accept': 'application/json' }
});
await new Promise((resolve, reject) => {
ws.on('open', () => {
ws.send(JSON.stringify({
callControlId,
media: 'audio',
capabilities: ['play', 'dtmf', 'transfer', 'hangup']
}));
});
ws.on('message', (data) => {
const msg = JSON.parse(data.toString());
if (msg.event === 'connected') resolve();
else if (msg.event === 'error') reject(new Error(msg.message));
});
ws.on('error', reject);
setTimeout(() => { ws.close(); reject(new Error('Connection timeout')); }, 10000);
});
const menu = buildDynamicMenu(profile);
ws.on('message', (data) => {
const msg = JSON.parse(data.toString());
if (msg.event === 'dtmf') {
const selection = menu.find(m => m.key === msg.digit);
if (selection) {
ws.send(JSON.stringify({ callControlId, action: 'play', audio: `${AUDIO_BASE_URL}confirmed.mp3`, dtmf: { enabled: false } }));
setTimeout(() => {
ws.send(JSON.stringify({ callControlId, action: 'transfer', target: `ext:${selection.action}`, type: 'number' }));
ws.close();
}, 1500);
} else {
ws.send(JSON.stringify({ callControlId, action: 'play', audio: `${AUDIO_BASE_URL}invalid.mp3`, dtmf: { enabled: true } }));
}
}
});
for (const item of menu) {
ws.send(JSON.stringify({
callControlId,
action: 'play',
audio: `${AUDIO_BASE_URL}${item.prompt}`,
dtmf: { enabled: true, keys: menu.map(m => m.key) }
}));
}
console.log('IVR session active. Waiting for DTMF or hangup...');
} catch (error) {
console.error('IVR session failed:', error.message);
process.exit(1);
}
}
// Example execution
runIVRSession('call-12345-abcde', 'CRM-USER-98765').catch(console.error);
Common Errors & Debugging
Error: 401 Unauthorized on WebSocket Handshake
- What causes it: The bearer token expired, contains invalid scopes, or was generated against a different Genesys Cloud region than the WebSocket endpoint.
- How to fix it: Verify the
Authorizationheader matches the region in the WebSocket URL. Implement automatic token refresh before theexpires_intimestamp. Ensure the client credentials havecallcontrol:mediascope. - Code showing the fix: The
getAccessTokenfunction caches tokens with a 5-second safety buffer and invalidates the cache on 401 responses.
Error: 403 Forbidden on Profile API
- What causes it: The OAuth token lacks the
profile:readscope, or the external ID format does not match the profile store configuration. - How to fix it: Regenerate the token with
profile:readincluded in the scope parameter. Validate theexternalIdagainst the exact string stored in Genesys Cloud Profiles. - Code showing the fix: The scope string in
getAccessTokenexplicitly includesprofile:read. ThefetchUserProfilefunction handles 404 gracefully when the ID does not match.
Error: WebSocket Close Code 1008 or 1011
- What causes it: The initial
connectmessage is malformed, missing thecallControlId, or thecapabilitiesarray contains unsupported actions. The platform rejects invalid JSON structures immediately. - How to fix it: Ensure the handshake message matches the exact schema. Use only supported capabilities:
play,record,dtmf,transfer,hangup. Validate JSON serialization before sending. - Code showing the fix: The
connectCallControlfunction serializes a strict JSON object with required fields. ThestreamDynamicIVRfunction validates menu keys against thedtmf.enabledconfiguration.
Error: 429 Too Many Requests on REST Calls
- What causes it: Exceeding the Profiles API rate limit (typically 200 requests per minute per client). High-volume IVR routing can trigger this during peak hours.
- How to fix it: Implement exponential backoff and cache profile responses for the duration of the call session. Batch profile updates outside of real-time media flows.
- Code showing the fix: The
fetchUserProfilefunction checksRetry-Afterheaders and recursively retries with delayed execution. ThetokenCacheprevents redundant OAuth calls.