Security Assessment: Components and APIs
Following components are secure with APISIX:
Agent Manager
Bot framework
Customer Channel Manager
Cim Customer
Conversation Manager
Conversation Monitor
License Manager
Routing Engine
Team Announcement
File Engine
Unified Admin (This is only valid for CX-4.9.5 version)
Following APIs, belonging to secure components, are unauthenticated.
CODE
POST /agent-manager/agent/login
GET /agent-manager/socket.io/
POST /agent-manager/agent/refresh-token
POST /agent-manager/agent/send-sms-otp
POST /agent-manager/agent/register-phone
POST /agent-manager/agent/validate-otp
GET /ccm/widget-configs/{{WidgetIdentifier}}
GET /ccm/agents/{{}}
GET /ccm/channels/service-identifier/{{serviceIdentifier}}
POST /agent-manager/agent/send-sms-otp
POST /agent-manager/agent/register-phone
POST /agent-manager/agent/validate-otp
POST /unified-admin/forms/getAllFormTitles (This is only valid for CX-4.9.5 version)
POST /unified-admin/forms/{{formID}} (This is only valid for CX-4.9.5 version)
POST /unified-admin/keycloakLogin (all routes) (This is only valid for CX-4.9.5 version)