The Events API exposes message-level events (resource=messages, event=created) only to tokens that include the spark-compliance / admin:eventsread scope. Cisco explicitly states that this scope is granted automatically and exclusively to accounts that hold the Compliance Officer role, allowing those users to retrieve “message created” events for any user in their organization. Other administrator roles do not receive this implicit privilege and therefore cannot call the Events API for another user’s message traffic.

1. Cisco Webex Developer Portal – “List Events” API

Authorization section

para. 2: “Only users assigned the Compliance Officer role can access message-related events.” (https://developer.webex.com/docs/api/v1/events/list-events)

2. Cisco Webex Developer Guide – “Compliance and eDiscovery APIs

” Section “Prerequisites”: “You must be granted the Compliance Officer role… this role automatically includes the spark-compliance scopes.” (https://developer.webex.com/docs/compliance)

3. Cisco Webex Control Hub – “Administrator roles in your organization

” Table 1

row “Compliance Officer”: “Can search and view all messages and files across the organization; other admin roles cannot.” (help.webex.com/nf0c1ws)