
Let chatters sign into your website

Overview

In some Answer flows, you may either serve chatters with sensitive data, or give them the chance to make changes to their account, orders, bookings, etc. In these cases, you should authenticate chatters by asking them to sign in to their account.

Sign-in confirms the chatter is the person they claim to be, which should happen before your bot shares any sensitive data. Sign-in generates an authentication token that you can use to call APIs that require an OAuth token in order to return account-specific information to the chatter. After authentication, you can securely provide chatters with a more detailed and personalized experience, by sharing information (such as balances, due dates, credits, etc.) or making changes to their account.

For more information on use cases and data sensitivity, see Protect chatter data using verification and authentication.

note

This feature may not be included with your organization's subscription package. For more information, see Ada's Pricing page, or contact your Ada team.

Configure an authentication method

The first step in adding authentication to your bot is to set up the authentication method.

  1. On the Ada dashboard, go to Settings > Bot setup > Authentication. The Authentication page appears.

  2. To set up authentication for a new system, click New Authentication. The Create New Authentication window appears.

  3. Fill in the following fields:

    note

    Not all setups have all of these fields. Fill in all the fields you see in your bot.

    • Name: A title that distinguishes this authentication method from the others used in the bot. You can write anything here that helps you tell the methods apart.
    • Token URI: The address that the bot calls to receive a token if the chatter’s credentials are valid. This token keeps a chatter verified for a specified amount of time.

    • Redirect URI: The address the chatter is returned to after a successful authorization. It will be formatted as {bot_handle}.ada.support/api/oauth/{auth_integration_name}.

    • Auth URI: The address that the bot calls to authenticate the chatter. It specifies where it needs to confirm the chatter’s credentials.

    • Client ID: The first half of identification credentials so the authorization client can recognize which application is making the call.

    • Client Secret: The second half of identification credentials so the authorization provider can recognize which application is trying to authenticate. Together, the Client ID and Client Secret distinguish between applications that use the same authentication provider.

    • Scopes (Optional): If required, you can specify how much access this authentication allows. This adds an extra layer of security to limit access in case the token is compromised.

    • Certificate: An additional layer of security so the authorization provider can confirm who the client is. This is the equivalent of a security badge or sign-in key.

      note

      If you upload a certificate file in the dashboard, Ada will automatically append the bot’s handle to the end of the file name to specify where the certificate is from.

    • Proof Key Code Exchange (PKCE): PKCE (Proof Key for Code Exchange) is a security feature that prevents authorization code injection attacks, especially in cases where mobile apps are being authorized using OAuth. Not all OAuth implementations support PKCE, and Ada only supports the S256 code challenge method, so whether you can use it depends on the OAuth version and provider. If the authentication provider requires PKCE for security, turn this setting on.

  4. Click Save. Your authentication method appears on the Authentication screen.

After you have set up an authentication, you can turn it on or off from the Authentication page. Be careful, though — turning off or deleting an authentication method breaks any blocks or Answers that refer to it.

Add a Sign In block to your Answer flow

After you have set up at least one authentication method in your settings, you can put Sign In/Out blocks in your Answer.

note

If the chatter has already signed in from another Answer or prior to opening the bot, the Sign In button will appear, but the chatter won’t need to enter their credentials again.

  1. On the Ada dashboard, go to Build > Answers and open the Answer you want to add authentication to. Drag the Sign In block into your Answer.

  2. In the Sign In block, fill in the following fields:

    • Message: Write a prompt asking the chatter to sign in.
    • Sign In Button Label: Write custom text to appear on the sign in button.
    • Auth Provider: Select the name of the authentication you configured in your settings.
    • Error Answer: If the authentication fails, the bot will send the Answer specified here. Consider creating a generic Error Answer for failed authentications, or one specific Error Answer for a particular Answer.

Add a Sign Out block to your Answer flow

The Sign Out block signs out the chatter from the authentication provider wherever you add it to your Answer. If you don't add a Sign Out block to your bot, the chatter remains signed in until the authorization token expires.

note

The Sign Out block only signs the chatter out from the bot. It does not log the chatter out of their web experience.

  1. On the Ada dashboard, go to Build > Answers and open the Answer you want to add authentication to. Drag the Sign Out block into your Answer.
  2. In the Auth Provider list, select the authentication you configured in your settings.

Have any questions? Contact your Ada team—or email us at .