Side Effects: Enabling the API On a Site
While the task of enabling the API for access is easily accomplished, it is important to understand the effects of enabling the API on your or your customer's site. Included below is a brief summary of how the WebEx Web Conferencing API can affect a site. See also the section on how changing various settings via the Site Admin tool can affect the WebEx Web Conferencing API.
MyWebEx Web Conferencing Profile
When APIs are enabled for a site, the Password Setting under the MyWebEx Web Conferencing Profile link is disabled by default. This is to maintain data integrity of user login credentials that are managed and issued externally to the WebEx Web Conferencing site. It prevents users from changing their password in their profile, which would break the API login mechanisms. If you wish to restore the Password Setting, you can enable the setting "Allow user to change password even if Auto Login APIs are on" option in the Security Options area under Site Preferences in the Site Admin Tool.
Login Assistance button
When APIs are enabled for a site, the Login Assistance button is disabled by default for similar data integrity reasons as described above. This can be re-enabled by the setting "Allow user to change password even if Auto Login APIs are on" option in the Security Options area under Site Preferences in the Site Admin Tool.
One-Click Meeting desktop icon
When APIs are enabled, and the integration uses login credentials that are not known to a given user, the user may find that when they launch a One-Click Meeting, they are not able to login. If One-Click Meetings are desired, users must have access to their WebEx Web Conferencing site and also know their WebEx Web Conferencing login and password.
Access Anywhere Installation
When APIs are enabled, and the integration uses login credentials that are not known to a given user, the user may find that they can not successfully install Access Anywhere. If you want users to be able to do this, they must have access to their WebEx Web Conferencing site and also know their WebEx Web Conferencing login and password.
When a site has multiple WebEx Web Conferencing services enabled, the API integration must be careful to select which service is "active" when issuing URL API calls. Service type selection is implemented using the Set Service Type call (AT=ST) on the My Profile Page (o.php).
By default, meetings created via the API are only viewable in the Meeting Calendar of the WebEx Web Conferencing site for the host that created them. However, there is a flag in the various WebEx Web Conferencing URL and XML API schedule meeting commands that will change this behavior and allow the meetings to be listed for all.
By default, when scheduling a meeting via the WebEx Web Conferencing API, no invitation e-mails are sent to invited attendees. This behavior can be changed using a flag in the various URL and XML API schedule meeting commands. Reminder e-mails are also available via an option flag.
"Why am I getting Access Denied?" With the URL based API, an Access Denied error message is an indicator that WebEx Web Conferencing doesn't "know" who you are. When a host is logged in, either via the WebEx Web Conferencing interface or via the WebEx Web Conferencing API, a session cookie is created and attached to the browser. That cookie is used to authenticate the host as they access WebEx Web Conferencing features or API calls are made. If there is a period of more than 30 minutes of inactivity, the cookie dies and the host must log in again. If the host does not log in again, they will receive the Access Denied message. A workaround for URL API calls is to precede any request with a login command (AT=LI). This issue does not affect the XML API because every XML request contains authentication information in the security context of the request.