# Real-World Integration Patterns & Deployment ## Common Integration Patterns ### Pattern 1: Salesforce ↔ Genesys Contact Sync ``` Scenario: Synchronize Salesforce contacts to Genesys external contacts Architecture: Genesys Cloud API ↑ │ PATCH /externalcontacts │ (partial updates, Mar 2026) │ Sync Service (Node.js/Python) ↑ │ Query Salesforce API │ Salesforce Org Frequency: Every 30 minutes Direction: Salesforce → Genesys (one-way) Trigger: Scheduled job (cron) Volume: ~1,000 contacts per sync Authentication: Salesforce: ├─ OAuth 2.0 (your existing setup) ├─ Service account or user credentials └─ Connected app registered Genesys: ├─ OAuth 2.0 Client Credentials ├─ Role: External Contact Manager ├─ Scopes: externalcontacts:manage └─ Monthly secret rotation Data Flow: 1. Query Salesforce: GET /services/data/v60.0/query SELECT Id, Email, Phone, Name, AccountId FROM Contact WHERE LastModifiedDate > :lastSync 2. Transform Data: ├─ Normalize phone (E.164) ├─ Validate email ├─ Map custom fields ├─ Add external ID (Salesforce ID) └─ Group by action (create/update) 3. Sync to Genesys: ├─ New contacts: POST /externalcontacts/contacts ├─ Updates: PATCH /externalcontacts/contacts/{id} ├─ Batches: Group every 50-100 └─ Handle errors: Log and retry 4. Track Progress: ├─ Timestamp last successful sync ├─ Count created/updated/failed ├─ Send email notification └─ Log all activities Implementation Highlights: Error Handling: ├─ 409 Conflict: Already exists (update instead) ├─ 400 Bad Request: Invalid data (log and skip) ├─ 429 Rate Limited: Backoff and retry ├─ 503 Unavailable: Retry with backoff └─ All other: Fail and alert Partial Updates (PATCH): ├─ Update only changed fields ├─ Prevents overwriting unmanaged data ├─ Reduces payload size ├─ Better for CRM sync └─ Available March 2026+ Idempotency: ├─ Use externalId for matching ├─ Prevent duplicate creates ├─ Retry-safe operations ├─ Track processed records └─ Handle partial failures Performance: ├─ Batch 50 contacts per request ├─ 1,000 contacts: ~20 requests ├─ Completes in < 5 minutes ├─ Well under rate limits └─ Minimal API footprint Benefits: ├─ Single source of truth ├─ Real-time contact availability ├─ No duplicate entry ├─ Reduces manual effort └─ Improved agent experience ``` ### Pattern 2: Nightly Analytics Report Generation ``` Scenario: Generate daily contact center reports Architecture: Genesys Cloud Analytics API ↑ │ Report Generator Service (scheduled, 2:00 AM daily) ↓ │ Email Distribution List Authentication: Client Credentials: ├─ Scopes: analytics:conversationDetail ├─ Token Duration: 1 hour (sufficient) ├─ No user interaction needed └─ Fully automated Workflow: 1. Authenticate (2:00 AM) POST /oauth/token grant_type: client_credentials Result: Access token 2. Query Analytics (2:01 AM) ├─ Yesterday's date range ├─ All queues/teams ├─ Conversations aggregate ├─ Service Level, AHT, ASA, Abandon Rate └─ Multiple requests (by dimension) 3. Generate Report (2:05 AM) ├─ Process data ├─ Create charts/graphs ├─ Format professionally ├─ Create PDF └─ Calculate YoY trends 4. Distribute (2:10 AM) ├─ Email PDF ├─ To stakeholders ├─ With summary └─ Archive for history Report Contents: Executive Summary: ├─ Total conversations: 5,432 ├─ Service Level: 87% (Target: 80%) ├─ Avg Handle Time: 8:32 (Target: < 10min) ├─ Abandon Rate: 3.2% (Target: < 5%) └─ Net Change vs yesterday: +2.1% By Queue: ├─ Queue name ├─ Conversations ├─ Service Level ├─ AHT ├─ ASA └─ Agents Trending: ├─ Last 7 days ├─ Last 30 days ├─ YoY comparison ├─ Alerts (SLA failures) └─ Recommendations Implementation Highlights: Scheduling: ├─ Cron: "0 2 * * *" (2:00 AM daily) ├─ Timezone: Your organization's TZ ├─ Alerting: If job fails └─ Retry: Automatic API Calls: ├─ /analytics/conversations/aggregates (multi-call) ├─ Total: 5-10 requests ├─ Completes in < 5 minutes └─ No rate limit issues Report Generation: ├─ Tool: ReportLab (Python) or similar ├─ Format: PDF ├─ Design: Professional template └─ Data: Charts and tables Email Distribution: ├─ Tool: SendGrid or SMTP ├─ Recipients: DL ├─ Schedule: Exactly 2:15 AM ├─ Archive: Save copy for history └─ Tracking: Note delivery status Error Handling: ├─ Authentication fails: Alert operations ├─ API call fails: Retry with backoff ├─ Report gen fails: Fallback to text ├─ Email fails: Retry next hour └─ All failures: Log and notify Benefits: ├─ Automated daily reporting ├─ Saves analyst 30 minutes/day ├─ Consistent delivery ├─ Stakeholders stay informed └─ Data-driven decisions ``` ### Pattern 3: Real-Time Agent Status to Dashboard ``` Scenario: Display real-time agent availability in web dashboard Architecture: Genesys Cloud (WebSocket) ↓ /v2/users/{id}/presence │ (WebSocket events) ↓ Node.js Backend (WebSocket server) ↓ Socket.IO ↓ Browser Clients (Dashboard) Authentication: User Login: ├─ Authorization Code Grant ├─ User authenticates once ├─ Backend stores refresh_token ├─ Token includes necessary scopes └─ presence:manage scope required WebSocket Connection: ├─ Uses existing access_token ├─ Maintains connection ├─ Real-time events └─ Automatic reconnection Workflow: 1. User Logs In to Dashboard: ├─ Authorization Code flow ├─ User sees consent screen ├─ Backend gets access_token ├─ Backend stores refresh_token └─ User authenticated 2. Backend Establishes WebSocket: POST /api/v2/notifications/channels └─ Opens long-lived connection 3. Subscribe to Presence Events: PUT /api/v2/notifications/channels/{channelId}/subscriptions Subscriptions: ├─ v2.users.{user1}.presence ├─ v2.users.{user2}.presence ├─ v2.users.{user3}.presence └─ For all agents 4. Receive Real-Time Events: { "eventBody": { "userId": "user-123", "presenceDefinition": { "systemPresence": "available", "customPresences": [...] } } } 5. Update Dashboard: ├─ Forward event to browsers (Socket.IO) ├─ Update agent status display ├─ Change color/icon ├─ Show "Available", "Break", "Busy", etc └─ Real-time synchronization Implementation Highlights: Subscription Efficiency: ├─ Single WebSocket connection ├─ Multiple subscriptions ├─ vs: 100 polling requests/minute ├─ 99% reduction in API calls └─ Real-time delivery Connection Management: ├─ Maintain connection ├─ Automatic reconnection on failure ├─ Health checks ├─ Graceful degradation └─ Error handling Scalability: ├─ 1 backend: 100+ agent subscriptions ├─ vs: Polling → rate limited ├─ WebSocket: Event-driven ├─ Lower CPU usage └─ Lower bandwidth Error Recovery: ├─ Connection drops: Auto-reconnect ├─ Subscription fails: Retry ├─ Event deserialization: Log and skip ├─ Token expires: Refresh and reconnect └─ Graceful fallback: Polling backup Benefits: ├─ Real-time agent status ├─ Sub-second updates ├─ No polling overhead ├─ Better user experience ├─ Reduced infrastructure load └─ Scalable solution ``` --- ## Deployment Strategies ### Strategy 1: Development Environment ``` Setup: OAuth Client: ├─ Grant Type: Authorization Code + PKCE ├─ Redirect URI: http://localhost:3000/callback ├─ Scopes: conversations:readonly ├─ Token Duration: 3600 (1 hour) └─ Created by: Development team Client Credentials (if needed): ├─ Grant Type: Client Credentials ├─ Scopes: externalcontacts:manage ├─ Token Duration: 3600 └─ Role: External Contact Manager (dev only) Secrets Storage: ├─ .env file (local development) ├─ .gitignore entries: │ ├─ .env │ ├─ .env.local │ └─ credentials/ ├─ Example .env: │ ├─ GENESYS_CLIENT_ID=dev-client-id │ ├─ GENESYS_CLIENT_SECRET=dev-secret │ └─ GENESYS_REGION=mypurecloud.com └─ Never commit secrets! Configuration: ├─ Use environment variables ├─ Different per developer ├─ Allow local overrides ├─ Development region specified └─ Non-production data only Testing: ├─ Unit tests: Mock API responses ├─ Integration tests: Dev Genesys org ├─ Manual testing: Full flow ├─ Error scenario testing └─ Rate limit testing CI/CD Pipeline: ├─ Run on: Developer machine ├─ Linting: Yes ├─ Unit tests: Yes ├─ Build: Yes ├─ Deploy: Local only └─ Secrets: Via .env (not checked in) Monitoring: ├─ Logging: Console output ├─ Debugging: Browser DevTools ├─ API calls: Inspect requests ├─ Errors: Stack traces └─ Performance: Basic measurements ``` ### Strategy 2: Staging Environment ``` Setup: OAuth Clients: ├─ Separate from production ├─ Authorization Code client ├─ Client Credentials client ├─ Different secrets └─ Same Genesys region (or test region) Secrets Storage: ├─ Environment variables (CI/CD platform) ├─ Encrypted vault ├─ GitHub Actions secrets / GitLab CI variables ├─ Rotate monthly └─ Different from production Configuration: ├─ Staging-specific settings ├─ Same region as production ├─ Test data only ├─ Verbose logging enabled └─ Performance testing configured Testing: ├─ Full integration tests ├─ End-to-end workflows ├─ Load testing (small scale) ├─ Error scenario testing ├─ Performance baselines └─ Compatibility testing CI/CD Pipeline: ├─ Trigger: On PR/Merge to staging branch ├─ Linting: Yes ├─ Unit tests: Yes ├─ Integration tests: Yes ├─ Build: Yes ├─ Deploy: Automated ├─ Smoke tests: Post-deploy └─ Notify: On success/failure Monitoring: ├─ Application logs: Aggregated ├─ Error tracking: Sentry/similar ├─ Performance monitoring: APM ├─ Uptime monitoring: Synthetic └─ Alerts: To development team Approval Process: ├─ Code review: Required ├─ Tests: Must pass ├─ Deployment: Semi-automated ├─ Rollback: Available └─ Notify stakeholders Data Management: ├─ Test data only ├─ Reset daily/weekly ├─ Production data: Never ├─ GDPR compliant └─ Privacy respected ``` ### Strategy 3: Production Environment ``` Setup: OAuth Clients: ├─ Separate production clients ├─ Multiple clients: Web app, services, etc. ├─ Different secrets per environment ├─ Rotate monthly minimum ├─ Monthly rotation documented └─ Secure secret storage required Secrets Storage: Critical - Use Secure Vault: ├─ HashiCorp Vault (recommended) ├─ AWS Secrets Manager ├─ Azure Key Vault ├─ Google Cloud Secrets └─ Store & access policies: ├─ Encrypt at rest ├─ Encrypt in transit ├─ Audit all accesses ├─ RBAC (role-based) ├─ Rotation tracking └─ Alert on unauthorized access Configuration: Environment-Specific: ├─ Production region only ├─ Performance settings optimized ├─ Logging: Moderate (balance vs storage) ├─ Monitoring: Comprehensive ├─ Alerting: All channels └─ Recovery procedures: Documented CI/CD Pipeline: Strict Requirements: ├─ All tests: Must pass ├─ Code review: Mandatory ├─ Approval: Required (2+ reviewers) ├─ Build: Automated & verified ├─ Deploy: Gated release ├─ Smoke tests: Post-deploy (critical) ├─ Rollback: Instant available └─ Notify: Multiple teams Deployment Procedure: 1. Code Merge (to main branch) ├─ Tests pass ├─ Reviews approved └─ CI/CD starts 2. Build (automated) ├─ Code compiled ├─ Tests run ├─ Artifact created └─ Ready for deploy 3. Stage (automated) ├─ Deploy to staging ├─ Smoke tests run ├─ If all pass: await approval └─ If any fail: block deployment 4. Approve (manual gate) ├─ Engineering manager: approval ├─ On-call engineer: ready ├─ Time window: Business hours preferred └─ Cancellation: Available anytime 5. Deploy (automated) ├─ Deploy to production ├─ Gradual rollout (optional) ├─ Monitor deployment ├─ Health checks pass └─ Notify team 6. Monitor (continuous) ├─ Watch logs ├─ Watch metrics ├─ Watch errors ├─ Alert threshold: Low └─ Quick response ready 7. Rollback (if needed) ├─ Detected: Issue identified ├─ Decision: Rollback authorized ├─ Execute: One command ├─ Verify: Health checks pass └─ Notify: Team aware Monitoring: Comprehensive Observability: ├─ Application logging (ELK/Splunk) ├─ Error tracking (Sentry/Rollbar) ├─ APM (New Relic/DataDog) ├─ Uptime monitoring (Synthetic) ├─ Custom metrics ├─ Infrastructure monitoring └─ Security monitoring Alerting: Critical (Immediate - Page): ├─ Application down (503/504) ├─ Authentication failures spike ├─ Database connection errors ├─ Memory/CPU critically high ├─ Deployment failed └─ Security incident High Priority (30 min - Slack): ├─ Error rate > 5% ├─ Response time spike ├─ Rate limit approached ├─ Token refresh failures ├─ API quota exceeded └─ Unusual traffic pattern Medium Priority (1 hour - Email): ├─ Minor errors ├─ Performance degradation ├─ Deprecated API usage ├─ Scheduled job delayed └─ Configuration drift Disaster Recovery: Backup & Recovery: ├─ Database: Daily snapshots ├─ Configuration: Version controlled ├─ Secrets: Vault with audit logs ├─ RTO: < 1 hour ├─ RPO: < 15 minutes └─ Tested monthly Communication: During Incident: ├─ Status page: Updated immediately ├─ Slack: Team notification ├─ Email: If long duration ├─ Customers: If customer-facing └─ Escalation: Clear path Post-Incident: ├─ Post-mortem: Scheduled ├─ Root cause: Identified ├─ Fix: Implemented ├─ Prevention: For future └─ Lessons learned: Documented Compliance: Security Requirements: ├─ PCI-DSS: For payment data ├─ HIPAA: For health data ├─ SOC 2: For SaaS ├─ GDPR: For EU data └─ Industry-specific: As applicable Audit & Compliance: ├─ Audit logs: Retained 2+ years ├─ Access logs: Who did what when ├─ Change logs: All changes recorded ├─ Compliance checks: Quarterly └─ External audits: Annual ``` --- ## Troubleshooting Deployments ``` Common Issues: Problem: Authentication Fails in Production Causes: ├─ Secret rotated, app not updated ├─ Secret expired (if revoked) ├─ Client deleted ├─ Secret wrong (typo) └─ Wrong client for environment Diagnosis: ├─ Check error: Invalid credentials ├─ Verify secret matches what stored ├─ Verify client still exists ├─ Check expiration date └─ Try authentication manually Fix: ├─ If secret wrong: Update immediately ├─ If client deleted: Recreate ├─ If expired: Generate new secret ├─ If revoked: Verify it's revoked └─ Test after fix Prevention: ├─ Document secret location ├─ Rotate on schedule ├─ Test auth before deploy ├─ Use vault for storage └─ Alert before expiration Problem: Rate Limiting in Production Symptoms: ├─ 429 errors increasing ├─ Request latency increasing ├─ API calls slowing down ├─ Partial failures └─ Customers reporting issues Diagnosis: ├─ Check request volume ├─ Check request frequency ├─ Identify hot endpoints ├─ Check X-Rate-Limit-Remaining └─ Calculate current rate Fix (Short-term): ├─ Implement backoff ├─ Reduce request frequency ├─ Queue requests ├─ Reduce batch size └─ Wait for window reset Fix (Long-term): ├─ Use bulk endpoints ├─ Implement caching ├─ Use WebSocket events ├─ Optimize queries └─ Consider enterprise limits Prevention: ├─ Load test before production ├─ Monitor rate limit headers ├─ Alert when approaching limit ├─ Design for pagination └─ Use bulk APIs from start Problem: Token Refresh Failing Symptoms: ├─ API calls return 401 ├─ Refresh token errors ├─ Users getting logged out ├─ Authentication failing └─ Errors in logs Diagnosis: ├─ Check refresh token expired ├─ Check client exists ├─ Check secret correct ├─ Check token lifetime └─ Try manual refresh Fix: ├─ If expired: User must re-authenticate ├─ If client wrong: Update config ├─ If secret wrong: Update secret ├─ If lifetime: Adjust config └─ Test refresh manually Prevention: ├─ Refresh proactively (5 min before) ├─ Monitor refresh success rate ├─ Alert on refresh failures ├─ Document refresh logic └─ Test token refresh Problem: Data Loss / Sync Issues Symptoms: ├─ Contacts not syncing ├─ Data inconsistencies ├─ Partial updates missing ├─ Database conflicts └─ Customers reporting issues Diagnosis: ├─ Check sync logs ├─ Verify API calls succeeded ├─ Check for conflict errors ├─ Verify data format └─ Compare source vs target Fix: ├─ Re-run sync ├─ Correct data format ├─ Handle conflicts ├─ Verify completeness └─ Reconcile manually if needed Prevention: ├─ Implement idempotency ├─ Use external IDs ├─ Log all changes ├─ Verify sync completion ├─ Regular reconciliation ├─ Alerts on failures └─ Testing with real data Problem: Performance Degradation Symptoms: ├─ Slow API response times ├─ High latency (p99) ├─ User complaints ├─ Dashboard sluggish └─ Timeout errors Diagnosis: ├─ Check API latency ├─ Check application latency ├─ Check database latency ├─ Check network latency └─ Identify bottleneck Fix (Short-term): ├─ Scale up application ├─ Scale up database ├─ Clear cache ├─ Reduce requests └─ Optimize queries Fix (Long-term): ├─ Use caching layer ├─ Optimize database ├─ Use CDN ├─ Async processing └─ Horizontal scaling Prevention: ├─ Load test regularly ├─ Monitor latency ├─ Alert on degradation ├─ Capacity planning └─ Performance budget ``` --- ## Key Takeaways: Chapter 8 - **Pattern Diversity** - Different patterns for different scenarios - **Authentication Clear** - Always OAuth 2.0 (Client Credentials or Code) - **Scheduling Critical** - Cron jobs for reliable automation - **Error Handling** - Implement retry logic with backoff - **Data Quality** - Validate and normalize before syncing - **Deployment Gates** - Approval required for production - **Monitoring Essential** - Know when things break - **Documentation Important** - For debugging and maintenance --- ## Interview Prep: Integration Patterns | Question | Answer | |---|---| | Salesforce sync pattern? | Query Salesforce, transform, batch POST/PATCH to Genesys | | Report generation? | Scheduled job (cron), query analytics, generate PDF, email | | Real-time status? | WebSocket subscriptions, event-driven updates, low overhead | | Authentication type? | Client Credentials for services, Auth Code for users | | Backoff strategy? | 3, 9, 27 seconds, then 5-min increments | | Error handling? | Retry on 429/5XX, fail on 4XX (except 401) | | Data sync quality? | Validate, normalize, idempotent, external IDs | | Deployment gate? | Approval required, smoke tests pass, monitoring ready | | Secret storage? | Secure vault (Hashicorp, AWS, Azure) | | Monitoring? | Logs, metrics, errors, alerts (critical/high/medium) | --- ## Document Version **Chapter**: 8 of 8 **Last Updated**: March 2026 **Status**: Current with OAuth 2.0 & API standards **Scope**: Integration patterns, deployment strategies, troubleshooting