1 - The client authentication must be made using a signed JWT assertion (as per the
private_key_jwt mechanism of OpenID Connect) to avoid sending credentials in the request body.
2 - To use this authentication mechanism, a JWT with information about the client has to be signed. The
client_assertion_type parameter must be set to
urn:ietf:params:oauth:client-assertion-type:jwt-bearer, and the JWT in the
client_assertion parameter has to be provided.
3 - For each Talkdesk® account that installs a partner app, you get a private/public key pair, in addition to a client’s ID and secret. These credentials are used to create JWT tokens used to request an access token. The private key is provided to the customer in Base64-encoded PKCS#8 format.
The private key is not stored in Talkdesk systems. Talkdesk only stores the customer’s public key to validate the customer’s requests.
Updated about 1 month ago