Contact person: Business Client

Phone:Show

Email:Show

Location: Sydney, Australia

Budget: Recommended by industry experts

Time to start: As soon as possible

Project description:
"Our primary requirement is to establish a reliable and fully documented (using postman) integration with Grandstream’s self-hosted GWN Manager API. The engagement will focus on implementing the authentication flow, including the initial OAuth 2.0 token handling and the vendor-specific signature mechanism required for subsequent /oapi calls. The outcome must be a repeatable process that our internal engineering team can adopt and extend without reverse-engineering every time something changes.

The engineer will be responsible for analyzing Grandstream’s API documentation and available examples, validating the correct construction of the signature string (including parameter ordering, timestamp handling, and payload hashing), and confirming expected behavior directly against a GWN Manager instance. This includes identifying and working around any quirks, such as differences between the cloud and self-hosted environment options, time synchronisation requirements, and undocumented error conditions that affect authentication or request acceptance.

We require practical, working artefacts as part of the deliverables: a functioning set of example API requests (for example in Postman or an equivalent tool), a clear and precise description of the signature generation process, and optional reference code in a common language such as Node.js or Python. These outputs should be structured so that they can be easily integrated into our existing automation and field service tooling, which will ultimately drive provisioning, configuration, and lifecycle management of Grandstream devices.

Finally, the engagement requires clear written documentation aimed at our internal engineers, covering the full end-to-end flow. This includes configuration requirements on the Grandstream side (app IDs, secrets, permissions), the relationship between OAuth credentials and application keys, acceptable time skew and timestamp formats, and recommended operational practices to keep the integration stable and secure over time." (client-provided description)