The Advanced Help Desk Administrator role is now supported by the Roles and People APIs.

Admins and Compliance Officers often want to control proliferation of apps in the Webex ecosystem. To that end we introduced Integrations and Bot Mgmt in Control Hub. However as more admins became aware of these controlling features, the question came up what to do about bots that were previously added to group spaces. Today, we are introducing a new feature that will help here: Bot removal from group spaces. Compliance Officers are now able to identify the group spaces a bot was added by doing a GET /memberships?personEmail={botemail} The CO can then use his powerful credentials to DELETE the relevant /memberships/{id} For regular users we maintain the principle that they have to be part of the space to see the memberships.

The DELETE /organizations API is now available to delete Organizations. Organization Full Administrators can delete their own Organization via this API. Likewise, Full Administrators or Sales Full Administrators in a Partner Organization now have the ability to delete their managed Customer Organizations via this API. This operation is only permitted when certain strict conditions are met. Find out more in the Delete Organizations API Reference page.

We have made available and documented new meeting events for Compliance Officers to receive in the /events API . A new resource: meetings type: ended event is available after a meeting concluded. This meeting event can be used to assess the host and participant list of the meeting. A while later a meetingTranscripts:created event may be received for meetings that had turn on recording and Webex Assistant. This event includes a file URL to download the transcript. Due to staggered rollout the corresponding meetingTranscripts REST endpoint is not quite available yet, but will be added shortly.

It is now possible for a Compliance Officer to easily trace back deleted messages and files. In the past, after a message or file had been deleted the Compliance Officer could not access the Get Message Details endpoint to retrieve the original message, but got a 404 when doing so. Now the CO alone will be able to access the deleted message under the Get Message Details and also the CO alone will be able to retrieve the deleted file from the /Contents URL embedded into the messages/{id} response. Regular users will still receive a 404. Messages and files are kept as per org retention policy. For further information, please see the example in the Compliance Guide.

In looking through our system, we have found some bots/users that consume an extraordinary amount of webhook registrations in the hundreds of thousands. The registration and consequently payload for these webhooks is identical in resource, orgId, event, filter, name, targetUrl etc. This largely points to programming errors rather than intent and we are going to remove these duplicate webhooks from the database ( all but 1 ). Also in the future you may receive errors when trying to register duplicate webhooks.

The following changes to the Webex Meetings API are now available:

• Registration support has been added to /meetings. When this option is enabled, meeting invitees must register in order to join the meeting. Meeting invitees will receive an email with a link to the registration form with the fields requested during meeting creation.

• /meetingPreferences now supports the previously introduced functionality allowing applications to act on behalf of another user in the organization.

• /meetingInvitees now supports the previously introduced functionality allowing applications to act on behalf of another user in the organization.

• /meetings now has a boolean that allows developers to specify if they want to suppress sending the email invitations that are currently sent by default when meetings are created.

You now have the ability to set Webex Calling features via the API. Voicemail settings, call forwarding and even caller ID can be easily configured with simple API invocation by a user or admin. For the full set of features please see the Webex Calling Person Settings

As an admin you can now update a person's loginEnabled status field via a PUT request to the /person API. This has the same effect as activating/deactivating a person in Control Hub.

The API reference page for the /events API now highlights previously introduced event types that were only formally documented in the Compliance Guide. References to space classifications ( room updates ) and tabs ( room tabs ) and the well known attachmentActions for buttons and cards are highlighted.

The following changes to the Webex for BroadWorks APIs are now available:

• The Webex for BroadWorks package softphone can now be assigned to a subscriber by using the Provision a BroadWorks Subscriber API or by using the Update a BroadWorks Subscriber API.

• The List BroadWorks Subscribers API now lists subscribers by Organization ID when no other parameters are specified.

• Several new error codes are now documented on the Webex for BroadWorks Developer Guide. These can be found in the API Error Codes section.

In preparation for multipart-form data as the only way to support file uploads ( Changelog entry on Jan 6, 2021), our developers have asked for a time extension to accommodate these changes. We will enforce the multipart form data upload by April 15th. In the interim developers will receive a 200OK with a header message and an error:warning body that other types of uploads will stop working by that date.

The /events API for Compliance Officers now provides events for room tabs configuration in spaces when you click the + to add a static webpage. The resource name is just tabs . Events are generated when a user in a space creates, updates or deletes a Room (Space) Tab and are reflected with the corresponding event type in the /events API.

The List Team Memberships API will soon enforce a maximum value for the max query parameter. Currently, requests made for more than 1000 events will return a varying number of results. After Feb 15, 2021, requesting more than 1000 team memberships will return an HTTP 400 error.

The List BroadWorks Subscribers API now includes a lastStatusChange query parameter, which only includes subscribers with a provisioning status change after the specified date and time.

We now support editing of messages via API, just like you can do in the clients today. Message edits are done via PUT. Further details can be found here

We are provisioning several new types of licenses to new and existing users in support of the modular client functionality. An example of these licenses is basicMessage, basicMeeting. These will help admin's to configure or disable certain features, like message only or video only clients. These licenses are assigned in an ongoing process. As always when you do a PUT on a person, please do the GET first and replay the whole message content with your modifications.

We are adding two new endpoints for working with Meetings. /meetingParticipants and /meetings/controls.Meeting Participants allows you to retrieve and update participant information for live or finished meetings. This endpoint also supports the previously introduced functionality allowing applications to act on behalf of another user in the organization. Meetings Controls allows applications to see and update meeting features like the recordingStarted, recordingPaused, or locked state.

Coming Feb 15, 2021, we will no longer allow file attachments via urls in the messages files field. Instead, use multipart/form-data to attach files directly into the message. Examples for multipart/form-data upload can be found here

We now provide the ability for org admins to work with the meetings endpoint on behalf of another user via the new hostEmail field. This opens up a whole new set of capabilities where an authorized app may act on behalf of any user in the org to schedule, read, update meetings. Please see the meetings endpoint for the 2 new fields hostEmail and siteUrl and the Admin section in the meetings REST API guide

We now provide the ability for org admins to work with the recordings endpoint on behalf of another user via the new hostEmail field. This opens up a whole new set of capabilities where an authorized app may act on behalf of any user in the org to retrieve meeting recordings. Please see the recordings endpoint for the 2 new fields hostEmail and siteUrl and the Admin section in the meetings REST API guide

We do provide now the ability for org admins to query meeting-qualities-data for experience and quality analysis in orgs with ProPack subscription. The data is similar to what admins can see today in the analysis report, but is provided in raw form for analysis by 3rd party systems. Please see here

We are providing the ability to set and retrieve Space Classifications via the API. Space Classifications need to be configured by an admin in Control Hub and will be available to users to apply to spaces/rooms. Unclassified spaces default to public. Rooms resources classified higher than public will have a classificationId which can be compared to the results of the new /classifications API. Events are available as room update events. Don't forget a classification can only be up classified (e.g. confidential -> highly confidential) and never down classified in either the API or the client.

The List Teams API will soon enforce a maximum value for the max query parameter. Currently, requests made for more than 1000 events will return a varying number of results. After December 1, 2020, requesting more than 1000 people will return an HTTP 400 error.

To increase performance and safety of our and our customers systems, we will restrict file uploads via the messages API by Dec 1, ’20. As a first step files of the following mime types will not be fetched for upload anymore: application/octet-stream, application/x-zip-compressed, application/x-msdownload, application/x-apple-diskimage Mime types must be provided to being able to filter according to these restrictions. Files, where the server doesn't return a MIME or Content-type will be rejected. In addition by Jan 31, ’21 we will not allow file attachments via the messages files field any longer. Instead customers are required to use multipart/form-data to attach files directly into the message. Examples for the multipart/form-data upload can be found here

The List People API will soon enforce a maximum value for the max query parameter. Currently, requests made for more than 1000 events will return a varying number of results. After November 10, 2020, requesting more than 1000 people will return an HTTP 400 error.

The new Workspaces API will replace the Places API, which will be deprecated on March 31, 2021. In addition to what the Places API provided, the new Workspaces API allows developers to assign a type and a capacity for a workspace. For more information on workspaces, see the blog post Workspaces in Control Hub— What’s in it for you?.

Users who interact with buttons and cards in a Space Widget will now see the buttons and cards rendered in the widget as well. Developers who write apps that send cards can now use the data URI to embed images directly into the body of the message request instead of specifying html url references.

Read More

Admin users have the capability to filter the /people endpoint using the orgId to get a list of all users. The list response contains the user status for each person in the list. As a performance improvement, this user status will be removed from the default response. The info can be retrieved by using the query filter showAllTypes=true if the person's status information is required. Queries executed for specific users and queries done by regular users will not experience any change.

We may return a new status code 428 when trying to download files for users with Extended Security Pack when the files cannot be scanned for malware. The 428 code indicates that the file is unscannable, which is often true for encrypted files. API users will be able to force a file download with the parameter allow=unscannable.

We are making changes to the markdown rendering mechanism for improved performance and extensibility. While we have tested the most common scenarios users may experience differences in how their markup is shown in spaces after the rollout. If you experience such issues, please contact support at devsupport@cisco.com or join the #webex4devs space for support.

Our initial release of the RESTful meetings APIs were focused primarily on scheduling, and the List Meetings API responded only with scheduled meetings objects, or meetings that have a meetingType of meetingSeries or scheduledMeeting. Theses APIs will now also return meeting objects that have a meetingType of meeting, which represents an instance of a meeting that is happening or has happened in the past. When using the state query parameter on the List Meetings API, you may now use the states inProgress, ended, missed, or expired in addition to the previously working values active, and scheduled.

This will allow developers to create apps that discover meetings that have happened, meetings that have been missed, etc.

The /recordings will now accept a meetingId as a search parameter allowing developers to access the recording for a meeting that has ended.

We introduced a new message updated event, covering when a message in a space is edited. Previously, message edits showed as message creation events with an updated timestamp field. To make it easier for developers and CASB vendors to identify messages updated, the right event type - "updated" - is now used. Previous message edits will not be reclassified, i.e. the "updated" field will be present for messages from September 10th forward.

Administrators for organizations with Webex Calling can now set and get users location, phone number and extension via the /people API and the new /locations API. Learn more about the new Webex Calling Provisioning API please see the updated Webex Calling Guide.

Memberships now includes a roomType response property, which specifies the type of space (direct 1:1 or group) the membership is associated with.

You can now update the visibility of direct 1:1 spaces in the Webex Teams clients via the API. Memberships now includes the isRoomHidden parameter to specify whether a 1:1 space is hidden or visible in the clients. To change the visibility of a 1:1 space, use the Update a Membership endpoint. Compliance officers can update the visibility of memberships for any user in an organization.

The List Events API will soon enforce a maximum value for the max query parameter. Currently, requests made for more than 1000 events will return a varying number of results. After August 17, 2020, requesting more than 1000 events will return an HTTP 400 error.

The List Rooms API will soon enforce a maximum value for the max query parameter. Currently, requests made for more than 1000 rooms (spaces) will return a varying number of results. After September 4, 2020, requesting more than 1000 rooms will return an HTTP 400 error.

You can now use Webex Calling call control features with a new API: Call Controls. For more information about working with Webex Calling calls, see the Webex Calling Guide.

The Licenses API now provides more information about Webex Meetings licenses, including the site URL, subscription ID, and site link status.

You can now manage Webex Meetings with the new Webex Meetings REST APIs. With the new APIs, you can view, schedule, and manage Meetings, manage Meeting Invitees, retrieve or delete Recordings, and view or configure Meeting Preferences. Learn more about the new APIs in our blog: Introducing the new Webex Meetings REST APIs.

Buttons and Cards now support Adaptive Cards 1.2 features. The Messages API will also now validate card syntax before sending new messages. There's also a new, interactive Buttons and Cards Designer to design and create cards. Learn more about the changes in our blog: Buttons and Cards now support Adaptive Cards 1.2.

The Webex REST API has a new host name: webexapis.com. The new host name works just like the old one. All API resources and endpoints from api.ciscospark.com are now available at the new host name. Read more about the change in our blog: Introducing the new webexapis.com.

The Rooms API now includes an ownerId response property, which provides the ID of the organization which owns the room. For more information about room ownership, see Webex Teams Data in the Compliance Guide.

The Messages API now supports threaded message conversations in Webex Teams. Use the new parentId property when creating a message to create a new thread or to reply to an existing message thread. You can also use the new parentId query parameter to list messages in a particular thread.

Administrators for an organization can now use the new Hybrid Clusters and Hybrid Connectors resources to view details about their Cisco Webex Hybrid Services deployments via the Webex API.

Webex Devices and Places may now be managed via two new API endpoints: Devices and Places. For more information about working with devices and places, see the xAPI Guide.

You can now use the xAPI to programmatically invoke commands on and query the status of devices that run Webex RoomOS software. Check out the xAPI Guide and xAPI API Reference to get started.

Full administrators for an organization can now list Webex Control Hub Admin Audit Events. See this article for more information about the types of events that are available.

Your apps can now provide a web-like user interface with actionable buttons, input text boxes, dropdowns, checkboxes, images, and more right within Webex Teams spaces by including Cards when creating a message. Check out the announcement on the blog to learn more.

The sipAddress property currently returned via the Get Room Details endpoint is now deprecated. After September 30, 2019, this property will no longer return the SIP address for the space. Instead, use the Get Room Meeting Details endpoint to retrieve the space's SIP address along with more detailed meeting information such as PSTN numbers and the meeting URL.

You can now retrieve extended meeting details for a space (room). Use the new Get Room Meeting Details action to see the meeting details for the space such as the SIP address, Webex Meetings URL, and PSTN dial-in numbers.

People now includes additional status values: "call", "meeting", and "presenting". See this article for more information about the different status options in Webex Teams.

People will soon include a new response property: lastModified, which will specify the date and time when the person was last modified, either directly via the API, Webex Control Hub, or the Cisco Directory Connector.

Memberships will soon include two new response properties: roomType, which will specify the type of space (direct 1:1 or group) the membership is associated with, and isRoomHidden, which will specify whether or not a 1:1 space is hidden in the Webex Teams clients for the participant.

Beginning April 27, 2019, the Webex platform will require that API clients use the Transport Layer Security (TLS) 1.2 protocol. To align with industry best practices for transport security, the TLS 1.1 encryption protocol will be disabled on all endpoints. See this blog post for more information.

The People API now includes a phoneNumbers response property, which will provide the phone numbers associated with the person. This read-only property will only be returned for people within the same organization.

Currently, compliance officers can only see membership Events for spaces owned by their organization. Soon, compliance officers will have access to membership events for all spaces which include members of their organization, regardless of the space's owner.

Compliance officers can now delete messages in 1:1 spaces that were sent by an external user. Previously, messages in 1:1 spaces from an external user could only be monitored.

You can now retrieve messages in a 1:1 space without first knowing the roomId of the conversation. Use the new List Direct Messages action with the other party's person ID or email to retrieve messages from the 1:1 space.

A new type of application is now available! Guest Issuer apps may now be created to let guest users collaborate with your organization’s paid users. See our Guest Issuer documentation for more information about Guest Issuer apps.

The Memberships API will no longer return memberships and will instead return a 404 Not Found for team spaces (rooms) which are archived.

Webex Resource Groups for Hybrid Services may now be managed via two new API endpoints: Resource Groups and Resource Group Memberships. For more information about managing Resource Groups via the Webex API, see the Managing Hybrid Services guide.

The People API will soon include a new phoneNumbers field, which will provide the phone numbers associated with the person. This read-only field will be returned for people within the same organization.

Group mentions in messages are now included in Messages API response details. A new response parameter, mentionedGroups, will be present if a group is @mentioned in a message.

The Messages API now accepts group mentions, such as @all, when creating new messages. See the Formatting Messages guide for details.

The Messages API will soon accept group mentions, such as @all, when creating new messages. Check back for more information within the coming weeks.

The Messages API no longer rejects new messages which contain an @mention for an email address that is not associated with a Webex Teams user. The message will contain the display name, if provided, or the email address in plain text instead of the @mention.

Two new roles will soon be available via the Roles API: User Admin and Device Admin. These roles may be assigned or unassigned to users with the People API.

The Messages API currently accepts values for both the text and markdown parameters when sending a message. After July 15, 2018, this API will return an error if a new message contains values for both parameters. Use only one parameter for the message body. Markdown content will be automatically transformed to plain-text for API clients which support only plain-text messages.

The following scopes have been deprecated and will no longer work after August 15, 2018: spark-admin:events_read, spark-admin:memberships_read, spark-admin:memberships_write, spark-admin:messages_read, spark-admin:messages_write, spark-admin:rooms_read, spark-admin:teams_read, spark-admin:team_memberships_read, and spark-admin:team_memberships_write. They are no longer available for testing via Test Mode in the Webex Teams API Reference, or with your portal token, if you are an Organization Administrator. These scopes have been replaced by spark-compliance scopes for use by designated Compliance Officers. See this guide for more information about compliance scopes.

The Messages API currently accepts @mentions in 1:1 messages. After May 26, 2018, this API will return an error if a message sent to a 1:1 space contains an @mention.

All licenses for Hybrid Services which are available for an organization, both enabled and disabled, will now be returned via the Licenses API. Hybrid Services licenses may now be assigned to users before a particular service is activated.

Beginning March 17, 2018, the Cisco Spark platform will require API clients to use TLS 1.1 or higher. The TLS 1.0 encryption protocol will be disabled on all endpoints to align with industry best practices for transport security. See this blog post for more information.