Cisco Finesse Release ES8 App User Guide

Cisco Finesse Release ES8 App User Guide

Cisco Finesse Release 12.5(1) ES8

Valid Upgrade Paths

Cisco Finesse Release 12.5(1) ES8 is delivered as a Cisco Option Package (COP) file. You can only apply this COP file to systems that have Cisco Finesse Release 12.5(1) FCS installed or any previous 12.5(1) ES.

Installing Finesse Release 12.5(1) ES8

You must perform the following procedure first on the primary Finesse node and then on the secondary Finesse node.

IMPORTANT: You must use the CLI to perform this upgrade. Do not use the Cisco Unified

Operating System Administration page to perform this upgrade or the installation may not proceed.
Installing this ES or performing a rollback stops and restarts certain Finesse services. To avoid interruption, perform the installation or rollback during a maintenance window.
During ES installation and rollback, ensure that the SSH session is alive throughout the installation process. If not, installation will not be successful.

1. Download finesse-cce.1251.ES08.10000.cop.sgn to an SFTP server that can be accessed by the Finesse system.

2. Use SSH to log in to your Finesse system with the platform administration Account.

3. Access the CLI and run the following command: utils system upgrade initiate

4. Follow the instructions that appear on your screen.
   When prompted, provide the location and credentials for the remote file system (SFTP server).
   Note: The COP file performs a check to ensure that Cisco Finesse Release 12.5(1) is installed. If this release is not found on your system, an error is displayed, and the installation does not proceed.

5. When presented with a list of available upgrade options, select finessecce.1251.ES08.10000.cop.sgn.

6. After installation is complete, restart the system using the command: utils system restart

7. To verify that Finesse is now running the correct release, access the CLI using the Administrator credentials and enter the following command: show version active Ensure that finesse-cce.1251.ES08.10000.cop.sgn is listed as an Optional package. Otherwise, contact Cisco Technical Support.

8. Check that the installation is successful by signing into Finesse (https://FQDN-of- Finesseserver:8445/desktop).
   Note: Ensure that you clear the browser cache.

Rollback

If there is a problem with the installation, you can roll back to the previous version as follows:
Note: The Finesse Rollback COP file restores your system to the base Finesse Version (in this case, Cisco Finesse Release 12.5(1)).

1. Download the file finesse-cce.1251.ES.Rollback.cop.sgn to an SFTP Server that can be accessed by the Finesse system.
2. Use SSH to log in to your Finesse system with the platform administration Account.
3. Access the CLI and run the following command: utils system upgrade initiate
4. Follow the instructions that appear on yourscreen. When prompted, provide the location and credentials for the remote file system (SFTP server).
5. When presented with the list of available upgrade options, select finessecce.1251.ES.Rollback.cop.sgn
6. After rollback is complete, restart the system using the command: utils system restart
7. To verify Finesse is now running the correct release, access the CLI using the Administrator
   credentials and enter the following command: show version active
   Ensure that finesse-cce.1251.ES.Rollback.cop.sgn is listed under Optional packages. Otherwise, contact Cisco Technical Support.
   Note: Ensure that you clear the browser cache.

Resolved Caveats and Feature Updates in Release 12.5(1) ES8

Resolved Caveats and Feature Updates in Release 12.5(1) ES7

Resolved Caveats and Feature Updates in Release 12.5(1) ES6
Finesse Notification Service
Finesse Notification Service is proxied locally by the Webproxy service. The Webproxy service is required to access both Finesse API and Notification services.
Note: Third-party XMPP clients of the Finesse Notification Service must issue keep alive pings to ensure that the connection stays alive.
Note: Cisco Finesse deployments with more than 1250 concurrent users connected to a single Finesse cluster should use the default Websockets notification mechanism.
Removed and Unsupported Features
Context Service Management
The Context Service Management feature is removed from the Cisco Finesse APIs.
Resolved Caveats and Feature Updates in Release 12.5(1) ES5

Resolved Caveats and Feature Updates in Release 12.5(1) ES4

Drop Participants from Finesse Desktop
The Drop button is displayed on the call control area only if the administrator has set the permission for an agent or supervisor to drop participants from the conference call.
For more information to drop participants from Finesse desktop see, Intercept a Call section in the Common Tasks chapter of Cisco Finesse Agent and Supervisor Desktop User Guide, Release 12.5(1) at https://www.cisco.com/c/en/us/support/customer-collaboration/finesse/products- user-guide-list.html.

Desktop Property Updates
The administrator can set permission to allow an agent or a supervisor, who is the participant in a conference call using the Finesse desktop, to drop other agents, supervisors, or non-agents from the conference call.
The desktop property to drop participants from a conference call are:

• enableDropParticipantFor— This property is used to set permissions to allow the agents, supervisors, or both to drop other participants from the conference call. The possible values for the enableDropParticipantFor property are:
  • supervisor_only— (default value) Only the supervisor, who is a participant of the conference call, can drop other agents in the conference call.
  • conference_controller_and_supervisor—The supervisor who is a participant of the conference call or an agent who initiated the conference call (conference controller) can drop other participants.
• all—Any agent or supervisor who is a participant of the conference call can drop other participants.
• dropParticipant—This property controls the listing of agents and non-agents in the Drop options list of participants in the Finesse desktop. The possible values for the dropParticipant property are:
  • agents— (default value) The agents or supervisors who are participants of the conference call are displayed in the Drop options list of participants in the Finesse desktop.
  • all—The agents, supervisors, CTI Route Point, IVR port, a device to which no agent is signed in, or a caller device in the conference call are displayed in the Drop options list of participants in the Finesse desktop.

For more information see, Drop Participants from Conference section in the Manage Desktop Layout chapter of Cisco Finesse Administration Guide, Release 12.5(1) at
https://www.cisco.com/c/en/us/support/customer-collaboration/finesse /products-maintenanceguides-list.html.
Restricting Access to the External XMPP Notification Port 5223
Use the following CLI commands to restrict the IP addresses from accessing the TCP-based XMPP notification port (5223) available for external client connectivity. 
Note:

• These restrictions do not affect the desktop XMPP notification port 7443.
  You can add, delete, or view the configured IP addresses only when the enable External Notification Port Access property is enabled on all the Finesse nodes in the cluster. Toenable access to port 5223 use the CLI command utils finesse set property webservices enable External Notification Port Access true.

• utils finesse notification external port access add [ip1,ip2,ip3]— This command adds one or more IP address(es) to the list of hosts that are configured to access Cisco Finesse XMPP notification port 5223. Multiple IP addresses can be provided as a comma-separated list.

• utils finesse notification external port access delete— This command deletes one or more IP address(es) from the list of hosts that are configured to access Cisco Finesse XMPP notification port 5223. Multiple IP addresses can be provided as a comma-separated list.

• utils finesse notification external_ port access delete all— This command deletes all the configured IP addresses allowed to access the Cisco Finesse XMPP notification port 5223.

• utils finesse notification external port access list— This command lists all the configured IP addresses allowed to access the Cisco Finesse XMPP notification port 5223.

CLI Name Change
From Cisco Finesse Release 12.5(1) ES4 COP onward, all references to whitelist in the CLIs are changed to allowed_ list.

source check allowed list add
utils finesse gadget source_ check whitelist delete| utils finesse gadget source check allowed_ list delete
utils finesse gadget _source _check whitelist list| utils finesse gadge t_source_check allowedlist list
utils finesse frame access_ whitelist add| utils finesse frame _access _allowed _list add
utils finesse frame access whitelist delete| utils finesse frame _access _allowed _list delete
utils finesse frame access whitelist list| utils finesse frame access allowed_ list list

Resolved Caveats and Feature Updates in Release 12.5(1) ES3

Permissions to Drop Participants from Conference Use the following commands to allow an agent or a supervisor, who is the participant in a conference call, to drop another agent, supervisor, or caller (participants) from the conference call.

Note: Only agents and supervisors can drop participants in the conference call.

utils finesse set property webservices enable Drop Participant For supervisor only— This command allows only the supervisor, who is a participant of the conference call, to drop other agents in the conference call. The supervisor cannot drop a CTI Route Point, IVR port, a device to which no agent is signed in, or a caller device. By default, this property is set to supervisor _ only.

• utils finesse set property webservices enable Drop Participant For conference controller and supervisor— This command allows,
  • the supervisor to drop any agents, CTI Route Point, IVR port, a device to which no agent is signed in, or a caller device in the conference call.
  • the conference controller (an agent who initiated the conference call) to drop another agent, supervisor, CTI Route Point, IVR port, a device to which no agent is signed in, or a caller device in the conference call.
• utils finesse set_property webservices enable Drop Participant For all— This command allows any agent or supervisor in the conference call to drop another agent, supervisor, CTI Route Point, IVR port, a device to which no agent is signed in, or a caller device in the conference call.

Dialog—Drop Participant from Conference API

Cisco Finesse, Release 12.5(1) ES3 COP or higher permits an agent or supervisor, who is the participant in a conference call, to drop another agent, supervisor, or caller (participants) from the conference call.
This feature is only available for supervisors by default. The Finesse CLI can be used to enable the
Dialog—Drop Participant from Conference API to agents and also to allow dropping other non-ACD participants from the call.

Supported Content Security Policy Directives

Content Security Policy (CSP) is a standardized set of security directives that can inform the browser of the policies to be used to help mitigate various forms of attacks. CSP frame-ancestor policy defines the allowable locations from where the Finesse desktop can be accessed as an embedded HTML content, which can help prevent click-jacking attacks.
Use the following CLI commands to view, add, or delete the frame access sources in the response header of all the Cisco Finesse URLs within their HTML pages. This ensures only the valid sources configured will be able to embed the Cisco Finesse URLs in their iFrame.
Note: Internet Explorer does notsupport frame-ancestors, and therefore will not block any web sites running on Internet Explorer, from loading Cisco Finesse within it.

• utils finesse frame_access_whitelist add [source1,source2]—This command adds one or more frame access sources (webpages), thereby allowing the configured sources to embed the Cisco Finesse URLs in their iFrames. Multiple sources can be provided as a comma-separated list. The source should be of the following format:
  • https://:[port]
  • https://IP:[port]
  • https://:port,https://:port

Note: Wildcard character * is also supported for the FQDN and port entries, which indicates that all the legal FQDN or ports are valid.

• utils finesse frame_access_whitelist delete— This command lists the choices for deleting theframe access sources (webpages). The choice should be an index as displayed from the list ofallowed frame access sources. The list provides the option to delete a single source or all configured sources.
• utils finesse frame_access_whitelist list— This command lists all the frame accesssources (webpages).

Resolved Caveats and Feature Updates in Release 12.5(1) ES2

‘http://jabber.org/protocol/pubsub’ to ‘urn:xmpp:push:0’.| 4

IP Address or Hostname or Domain Name Change
Administrator can change the IP address or hostname or domain name of the Cisco Finesse cluster nodes in your deployment has been introduced.

Note:

• If the certificates are invalid or have expired, you must renew the certificates before using the CLI set network hostname.
• If you want to apply Rollback COP after changing the IP address or hostname or domain name, then revert to the previous IP address or hostname or domain name.

For more information on the detailed procedure, see the Manage IP Address and Hostname section in
Cisco Finesse Administration Guide, Release 12.5(1) at
https://www.cisco.com/c/en/us/support/customer-collaboration/finesse /products-maintenance-guideslist.html.

Agent Skill Target ID
The skill ID associated to the agentsigned in, is available in the User API response, User JavaScript object,
and gadget configuration. This API is supported only for Unified CCE deployments.

• The following field has been added to the response of User REST APIs:
• skill Target Id—The Skill Target ID assigned to the agent in the Unified CCE Database.

The following are the updates in the JavaScript APIs:

• finesse. gadget. Config—Added a field cce Skill Target Id which refers to the skill ID of the user.
• finesse.restservices.User—Added a function get Skill Target Id() which retrieves the skill ID of the user.

Resolved Caveats and Feature Updates in Release 12.5(1) ES1

Enable or Disable Plain XMPP Socket—Port 5223
CLI commands have been introduced to facilitate the modification of configuration properties with ease.
Use the following CLI commands to enable or disable the external access of the Cisco Finesse Notification Service TCP-based XMPP port (5223). The port can be enabled for external client connectivity only if you have third-party solutions that connect directly to the Finesse Notification Service over this port. By default, the port is enabled (value is set to true).
When the port is enabled, it can be accessed between the Cisco Finesse nodes (primary and secondary) and also outside the Cisco Finesse clusters. When the port is disabled, it can be accessed only between the Cisco Finesse primary and secondary nodes.

• utils finesse set_property webservices enable External Notification Port Access true: Enables access to 5223 port, which provides external clients with TCP based XMPP connectivity to notifications provided by the Cisco Finesse Notification Service.
• utils finesse set_property webservices enableExternalNotificationPortAccess false: Disables access to 5223 port, which provides external clients with TCP based XMPP connectivity to notifications provided by the Cisco Finesse Notification Service.
• utils finesse show_property webservices enable External Notification Port Access: Displays the current access status to 5223 port, which provides external clients with TCP based XMPP connectivity to notifications provided by the Cisco Finesse Notification Service.

Note:

• * The external Notification port is used by an alternate node in the Finesse cluster and disabling it will only prevent third-party clients from connecting to it.

  • Fine-grained access to this port based on client IP can be achieved using the utils finesse notification external_port_access CLI.Dual-Tone Multi Frequency (DTMF) Desktop Behavior

CTI communication architecture has been optimized in Cisco Finesse Release 12.5(1), which has introduced changes in the Finesse API behavior. As a result of this change, it is suggested that call control requests for the same device should not be sent to the Finesse server until the response to a previous call control request has been received. Multiple DTMF requests can however be send one after another, and the server queues them up for you without any error.

To prevent CTI errors, the Finesse desktop disables call control buttons such as Hold, Transfer, Consult, Wrap-Up, and End across all calls when the DTMF Keypad is opened until the responses to all of the DTMF requests have been completed or timed out. It is suggested that third-party clients follow the same design. The number of outstanding DTMF requests and the timeout duration can be configured using the Finesse CLI.

DTMF Pending Requests Threshold Count

DTMF Keypad prevents new operations when network or server slowness results in more than configured number of (default of 20) outstanding response to previous DTMF requests are awaited. This number can be configured using properties CLI.

• To configure the DTMF threshold count for pending requests:
  utilsfinesse set_property desktop pendingDTMFThresholdCount

• To view the configured DTMF threshold count:
  utils finesse show_property desktop pendingDTMFThresholdCount

DTMF Request Timeout
Cisco Finesse waits for a configured time for each DTMF pending request.

• The default timeout is 5 seconds.
• To configure the DTMF timeout for pending requests:
  utils finesse set_property desktop dtmfRequestTimeoutInMs

Note: These DTMF desktop properties can be customized at team level desktop properties configuration. For more information, see Customize Desktop Properties in Cisco Finesse Administration Guide at https://www.cisco.com/c/en/us/support/customer-collaboration/finesse /products-maintenance-guideslist.html.

SSO Desktop Updates

SSO Desktop Updates

• In SSO mode the access token and refresh tokens are changed to ‘httponly’ mode cookies for security reasons.

SSO Developer Updates

• Cisco Finesse REST APIs are enhanced to get the access token and refresh tokens in the response body.
• Third-party clients who were relying on the SSO cookie values must change their JavaScript APIs to use the enhanced Finesse REST APIs.
• Fetch Access Token API endpoint (https://finesse1.xyz.com/desktop/sso/token) has a new optional parameter return_refresh_token=true|false to get the refresh token in the response body.

Note: When you use the return_refresh_token=true query parameter in Single Sign-On— Fetch Access Token API, access token and refresh token cookies are not added to the response.
All information is provided as part of the response body, which can be directly used by the thirdparty clients. Use this query parameter when third- party clients use Cisco Finesse SSO APIs alongside Finesse desktop in the same browser. Using this query parameter prevents agent logging out from Finesse desktop due to the override of the desktop cookie due to third-party client activity.

• On Refreshing existing access token, use the new optional parameter refreshtoken= along with the existing token in the query parameter.

Note: If the token was initially fetched with the return_refresh_token=true query parameter, then the refresh token in request payload is mandatory.

Fix for Vulnerabilities in jquery, jquery-migrate & jquery-ui libraries
To fix the XSS related vulnerabilities for jquery, jquery-migrate and jquery- ui, Finesse has done the following:

1. Upgraded the jQuery version to: 1.12.4 and jquery-migrate to: 1.4.1. These addresses certain reported CVEs (Refer the related Defect notes for more details about addressed CVEs).
2. Specific code fixes are backported to address remaining CVEs (which are not covered in step: 1) which are reported for both the libraries, that is, jquery and jquery-ui.

Fix Vulnerabilities in Bootstrap library
To fix the XSS related vulnerabilities for Bootstrap, Finesse has done the following:

1. Code fixes are backported to address reported CVEs (Refer the related Defect notes for more details about addressed CVEs) for Bootstrap library.

BOM for jQuery and Bootstrap for Finesse

Finesse JavaScript API Documentation Updates For other API documentation improvements, refer to the Cisco Finesse 12.5(1) JavaScript API documentation on Cisco Devnet.

Bug Search Tool

To access the Bug Search Tool, go to https://bst.cloudapps.cisco.com/bugsearch/ and log in with your Cisco.com user ID and password.

References

• Cisco Finesse - End-User Guides - Cisco

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Download this manual  >>