Important changes to how Team Messaging files are downloaded
On July 1, 2021 RingCentral will make changes that will affect how Team Messaging (a.k.a. “Glip”) files are downloaded and accessed over the Internet. The change we are making will affect all downloadable files and will ensure that only authorized personnel have the ability to download these assets.
The change we are making will not affect the schema requests or responses, and will only affect the URLs from which files are accessed. The change we are making will require all developers to transmit bearer authentication credentials in an HTTP Authorization header in order to download file contents.
All existing cached and distributed links will likewise now require authentication for file access. To learn more about authenticating your requests, please see our Authentication documentation and accessing protected files documentation.
Who and what apps will this impact?
If you utilize any of the following endpoints and data elements, your application is likely to be affected:
glip/persons
glip/chats/posts
- https://developers.ringcentral.com/api-reference/Posts/readGlipPosts
records.attachments.[?(@.type==File)].contentUri
records.attachments.[?(@.type==Task)].attachments.[?(@.type==File)].contentUri - https://developers.ringcentral.com/api-reference/Posts/readGlipPost
records.attachments.[?(@.type==File)].contentUri
records.attachments.[?(@.type==Task)].attachments.[?(@.type==File)].contentUri - https://developers.ringcentral.com/api-reference/Posts/createGlipPost
records.attachments.[?(@.type==File)].contentUri
records.attachments.[?(@.type==Task)].attachments.[?(@.type==File)].contentUri - https://developers.ringcentral.com/api-reference/Posts/patchGlipPost
records.attachments.[?(@.type==File)].contentUri
records.attachments.[?(@.type==Task)].attachments.[?(@.type==File)].contentUri
glip/posts (DEPRECATED)
- https://developers.ringcentral.com/api-reference/Posts/listGlipGroupPosts
records.attachments.[?(@.type==File)].contentUri
records.attachments.[?(@.type==Task)].attachments.[?(@.type==File)].contentUri - https://developers.ringcentral.com/api-reference/Posts/createGlipGroupPost
records.attachments.[?(@.type==File)].contentUri
records.attachments.[?(@.type==Task)].attachments.[?(@.type==File)].contentUri - https://developers.ringcentral.com/api-reference/Posts/listGlipPosts
records.attachments.[?(@.type==File)].contentUri
records.attachments.[?(@.type==Task)].attachments.[?(@.type==File)].contentUri - https://developers.ringcentral.com/api-reference/Posts/createPost
records.attachments.[?(@.type==File)].contentUri
records.attachments.[?(@.type==Task)].attachments.[?(@.type==File)].contentUri
glip/data-export
- https://developers.ringcentral.com/api-reference/Glip-Compliance-Exports/readDataExportTaskDataset
members.json: records.profileImage
files.json: records.contentUri
glip/chats/tasks, glip/tasks
- https://developers.ringcentral.com/api-reference/Tasks/listChatTasks
records.attachments.contentUri - https://developers.ringcentral.com/api-reference/Tasks/readTask
attachments.contentUri - https://developers.ringcentral.com/api-reference/Tasks/createTask
attachments.contentUri - https://developers.ringcentral.com/api-reference/Tasks/patchTask
attachments.contentUri
In addition to the above Glip endpoints, a number of Glip events (often delivered via a webhook) will also be impacted. Those events are:
- postAdded
What do I need to do?
To eliminate or minimize the impact of this change, developers will need to modify their application to attach authentication credentials to all file download requests. See downloading protected content in the Media content section of the RingCentral Developer Guide.
Developers are welcome to begin transmitting their authentication credentials in advance of this change. Doing so will make your application forwards-compatible with this planned update, and ensure operational continuity when then change is released.
