The app.credentials_rotated event is emitted by Talkdesk:
As Routine Security Measure
To guarantee the credentials are not stale.
There is a grace period of seven days, during which both sets of OAuth credentials are valid for use. This event must be acknowledged, triggering the expiration of the old set of credentials before the grace period is up. In the case that the event is not acknowledged, the older set will still be revoked once the grace period is over, with the newest set remaining valid until the next rotation.
Acknowledging Credential Rotation
With the app.credentials_rotated event fired, a grace period of seven days is given to recognize the new set of credentials provided.
To acknowledge this credential rotation event, make a POST request to /apps/{app_id}/installations/{installation_id}/credentials/{client_id}/state.
Whenever the Original Installation Credentials Are Compromised
There is no grace period. The old credentials are invalidated as soon as new ones are generated.
Whenever a
app.credentials_rotatedis emitted, Talkdesk's systems also email the developer informing of the rotation.
Payload Types
| Attribute | Description |
|---|---|
| id string | Unique identifier of the event |
| app_id string | Unique identifier of the partner app |
| app_version_id string | Unique identifier of the partner app's version |
| app_version_name string | The name of the partner app's version |
| installation_id string | Unique identifier of the partner app's installation in the Talkdesk account of the user |
| account_id string | Unique identifier for the customer's Talkdesk account |
| account_name string | The customer's Talkdesk account name |
| client_id string | Client ID issued for the Talkdesk account, for the partner app API access |
| client_secret string | Client secret issued for the Talkdesk account, for the partner app API access |
| private_key string | JWT private key issued for the Talkdesk account, for the partner app API access |
| public_key string | JWT public key issued for the Talkdesk account, for the partner app API access |
| key_id string | JWT key ID issued for the Talkdesk account, for the partner app API access |
| key_algorithm string | Possible values are ES256, ES384, ES512, PS256, PS384 and PS512 |
| _links.self | URL to retrieve the event content |
| _links.installation | URL to retrieve installation data |
Payload Example
{
"id": "be4cfd0a01a046ec98fde433d973d259",
"api_version": "1",
"type": "app.credentials_rotated",
"app_id": "f918e2623486417791f3b5a18ca746ce",
"app_version_id": "970d6643b6604a9d8ec77d470a3903cf",
"app_version_name": "app_version_name",
"created_at": "2021-06-01T17:23:07Z",
"data": {
"installation_id": "9514148a170c4d4aaa344a540cec08c5",
"account_id": "052c3763ee0745c68a1f65f25b0bf273",
"account_name": "starship",
"client_id": "23de1fee7658490f8021465553402546",
"client_secret": "CLIENT_SECRET",
"private_key": "PRIVATE_KEY",
"public_key": "PUBLIC_KEY",
"key_id": "78a574781e434d0b9991edd0994fbeed",
"key_algorithm": "ES256"
},
"_links": {
"root": {
"href": "https://api.talkdeskapp.com"
},
"self": {
"href": "https://api.talkdeskapp.com/apps/f918e2623486417791f3b5a18ca746ce/events/be4cfd0a01a046ec98fde433d973d259"
},
"installation": {
"href": "https://api.talkdeskapp.com/apps/f918e2623486417791f3b5a18ca746ce/installations/9514148a170c4d4aaa344a540cec08c5"
}
}
}
The links section contains:
| Attribute | Description |
|---|---|
| self | URL to retrieve the event content |
| installation | URL to retrieve installation data |
| root | URL to Talkdesk's API Gateway |
Troubleshooting
If you have any questions regarding the usage of this API, or if you’re having any technical issues, please open a ticket using this form.