|
UPLINX Remote Phone Control for Webex Calling is designed with security as a priority.
The following points outline how the tool communicates and handles credentials.
API Communication
All communication is made exclusively via the Cisco-hosted Webex Calling API over HTTPS https://webexapis.com/v1/. For more API info, please see Webex Calling API.
There is no direct communication to phones. All phone control commands — including screenshots, key presses, and status queries — are sent through the Webex Calling API, which then relays them to the phone. No other outbound communication takes place.
This means the tool is 100% safe to deploy in corporate environments without requiring any additional firewall exceptions or network changes beyond HTTPS access to the above endpoint.
Credentials and Token Security
Connecting to the Webex Calling API requires an access token. Your Webex username and password are entered directly into the Cisco Webex login page in your browser — they are never seen, stored, or transmitted by the tool. Your credentials remain completely safe.
The token is transmitted automatically throgh the OAuth process — no copy/paste is required. The token is valid for 14 days after generating it. Cisco sets a fixed expiry of 14 days, after which the token automatically becomes invalid and a new one must be obtained. This timeout is enforced by Cisco and cannot be changed.
Timeout of Token
The token timeout is set by Cisco to 14 days and cannot be changed. Your token will be saved with symmetrical encryption into the config file. If you do not want to have it saved, please click "Clear Token" on the server tab, and then close the application.
Summary
|
API endpoint
|
https://webexapis.com/v1 (Cisco-hosted)
|
|
Phone communication
|
Via API only — no direct connection to phones
|
|
Other communication
|
None
|
|
Username / password
|
Never seen or stored by the tool
|
|
Token validity
|
24 hours — enforced by Cisco
|
|
