| Table of Contents |
|---|
...
Login to admin webex - https://admin.webex.com/manage-users/users with a service account. Note: this has to be a separate account from your main admin account, since it is not possible to assign "Compliance officer" role to yourself. It needs to be assigned a different account.
In the Profile tab click on the admin line:
Set the user to have a Compliance Officer and Full administrator privileges:
Login to Webex Development: https://developer.webex.com/ with the user created above.
Click on Start Building Apps button:
Click Create an Integration
Select Integration as a new app type:
Fill in all the required settings. Integration Name should be simply "SphereShield". The icon should be the SphereShield logo. Contact email should be support@agatsoftware.com
The important setting here is the Redirect URL. You should enter your Access Portal URL (provided by AGAT) with the addition of /account/webexauth suffix.
Example for Fiji: https://ap.fiji.agat.world/account/webexauth
Note that the redirect URL is case sensitive.
Select the following scopes for Webex Teams:
meeting:recordings_read
meeting:admin_recordings_read
spark-admin:people_read
spark-admin:resource_group_memberships_read
spark-admin:resource_groups_read
spark-compliance:events_read
spark-compliance:memberships_read
spark-compliance:team_memberships_read
spark-compliance:teams_read
meeting:admin_schedule_read (scope needed to request meeting title for eDiscovery purpose)
meeting:admin_schedule_write (scope needed for sending meeting invitee to make Compliance officer as CoHost in scheduled meeting)
meeting:participants_write (scope needed for being able to expel users from scheduled meeting)
meeting:admin_participants_read (scope needed to create “meetingParticipants” webhook)
meeting:controls_read (scope needed to be able to request meeting recording state)
meeting:controls_write (scope needed to be able to change meeting recording state)
meeting:admin_preferences_write(scope needed to be able to make Compliance officer as CoHost in PMR meeting)
spark-compliance:meetings_write (scope neededfor beeing able to get ended meeting chats )spark-compliance:meetings_read(scope neededfor beeing able to get ended meeting chats )spark-admin:calls_write (might require escalation to Webex Support) (Note: The following scopes from the above list may not exist: spark-admin:call_memberships_read, spark-admin:calls_read, spark-admin:calls_write)
...
| Code Block | ||
|---|---|---|
| ||
try {
let requiredScopes
} catch (e) {
console.log("variable already declared")
console.log(e)
}
if (typeof requiredScopes === 'undefined') {
console.log("defining scopes")
requiredScopes = [
"sparkmeeting:allrecordings_read",
"spark-meeting:admin:call_membershipsrecordings_read",
"spark-admin:callspeople_read",
"spark-admin:licensesresource_group_memberships_read",
"spark-admin:organizationsresource_groups_read",
"spark-admincompliance:peopleevents_read",
"spark-admincompliance:peoplememberships_writeread",
"spark-admincompliance:resource_groupteam_memberships_read",
"spark-admincompliance:resource_group_memberships_write",teams_read"
"spark-meeting:admin:resource_groupsschedule_read",
"spark-admin:roles_read",
"spark-admin:call_qualities_read",meeting:admin_schedule_write"
"spark-compliancemeeting:events_read",
"spark-compliance:memberships_read",
"spark-compliance:memberships_write",
"spark-compliance:messages_read",
"spark-compliance:messages_write",
"spark-compliance:rooms_read",
"spark-compliance:team_memberships_read",
"spark-compliance:team_memberships_write",
"spark-compliance:teams_read",
"meeting:admin_schedule_read",
"meeting:admin_schedule_write",
"meeting:participants_write",
"meeting:admin_participants_read",
"meeting:controls_read",
"meeting:controls_write",
"meeting:admin_preferences_write",
"spark-compliance:meetings_write",
"spark-compliance:meetings_read",
"spark-admin:calls_write"
]
}
for (scope of requiredScopes) {
let validScope = scope.replace(":", "\\:")
try {
element = document.querySelector(`input[id*=${validScope}]`)
if (!element.checked) {
console.log(`Clicking ${validScope}`)
element.click()
}
} catch (e) {
console.log(`couldn't find element ${scope}`)
console.log(e)
}
} |
Code that also includes Meetings:
| Code Block | ||
|---|---|---|
| ||
try {
let requiredScopes
} catch (e) {
console.log("variable already declared")
console.log(e)
}
if (typeof requiredScopes === 'undefined') {
console.log("defining scopes")
requiredScopes = [
"spark:all",
"spark-admin:call_memberships_read",
"spark-admin:calls_read",
"spark-admin:licenses_read",
"spark-admin:organizations_read",
"spark-admin:people_read",
"spark-admin:people_write",
"spark-admin:resource_group_memberships_read",
"spark-admin:resource_group_memberships_write",
"spark-admin:resource_groups_read",
"spark-admin:roles_read",
"spark-admin:call_qualities_read",
"spark-compliance:events_read",
"spark-compliance:memberships_read",
"spark-compliance:memberships_write",
"spark-compliance:messages_read",
"spark-compliance:messages_write",
"spark-compliance:rooms_read",
"spark-compliance:team_memberships_read",
"spark-compliance:team_memberships_write",
"spark-compliance:teams_read",
"meeting:admin_schedule_read",
"meeting:admin_schedule_write",
"meeting:participants_write",
"meeting:admin_participants_read",
"meeting:controls_read",
"meeting:controls_write",
"meeting:admin_preferences_write",
"spark-compliance:meetings_write",
"spark-compliance:meetings_read",
"spark-admin:calls_write",
"meeting:recordings_read",
"meeting:admin_recordings_read"
]
}
for (scope of requiredScopes) {
let validScope = scope.replace(":", "\\:")
try {
element = document.querySelector(`input[id*=${validScope}]`)
if (!element.checked) {
console.log(`Clicking ${validScope}`)
element.click()
}
} catch (e) {
console.log(`couldn't find element ${scope}`)
console.log(e)
}
} |
Just the Meetings:
| Code Block | ||
|---|---|---|
| ||
try { let requiredScopes } catch (e) { console.log("variable already declared") console.log(e) } if (typeof requiredScopes === 'undefined') { console.log("defining scopes") requiredScopes = [ "meeting:recordings_read", "meeting:admin_recordings_read",participants_write" "spark-admin:peoplemeeting:admin_participants_read", "spark-admin:resource_group_membershipsmeeting:controls_read", "spark-adminmeeting:resourcecontrols_groups_readwrite", "spark-compliance:events_read",meeting:admin_preferences_write" "spark-compliance:membershipsmeetings_readwrite", "spark-compliance:team_membershipsmeetings_read", "spark-complianceadmin:teamscalls_readwrite" ] } for (scope of requiredScopes) { let validScope = scope.replace(":", "\\:") try { element = document.querySelector(`input[id*=${validScope}]`) if (!element.checked) { console.log(`Clicking ${validScope}`) element.click() } } catch (e) { console.log(`couldn't find element ${scope}`) console.log(e) } } |
...
Copy all the text in OAuth Authorization URL field (black box):
(can be easily done by 3 left clicks on the black box text to select all the URL and Ctrl+C to copy)Paste it into a new tab of Chrome (recommends to use incognito) in the address line and press Enter:
Accept the required permissions:
You will be redirected to the Admin Portal Webex App Configuration page ([adminPortalURL]/account/webexauth):
Enter the settings from Webex App: Client ID, Client Secret, Integration ID
In External Portal Web API URL enter your AP external URL, like https://ap.fiji.agat.world
Note that here it comes without any suffix, just the site base URL.
After clicking the Save button, the Admin Portal will try to connect to the configured Webex App and if it succeeds you will see the following page:
...
Now the Webex App is configured and you can review the settings in the Cloud Services Integration settings page:
...