Let chatters sign into your website
Overview
Authentication allows your customers to sign in to their account through the chatbot and verify who they are. This allows you to provide them with a more detailed and personalized experience, providing account-specific information that is only available once the customer has logged in, such as balances, due dates, credits, etc.
For more information on use cases and data sensitivity, see Protect chatter data using verification and authentication.
Authentication Setup
The first step in adding authentication to your bot is to set up the details of the authentication method in Settings > Authentication.
Use the blue “New Authentication” button to get started.
In this new screen, you’ll need to fill in the following fields.
Required Information
Name: a title used to differentiate different authentication methods used in the chatbot. You can write anything here as long as it helps you differentiate from other methods you may use.
Type: The standard/protocol your authentication method follows (currently Ada's Sign In block supports OAuth 2.0 Authorization Code grant type).
Token URI: This is the address that the chatbot calls to receive a token if user credentials are valid. This token keeps a user verified for a specified amount of time.
Redirect URI: This is the address the user is returned to after a successful authorization. It will be formatted as {chatbot_handle}.ada.support/api/oauth/{auth_integration_name}
Auth URI: This is the address that the chatbot calls to authenticate the user. It specifies where it needs to confirm the user’s credentials
Client ID (OAuth2 only): This is the first half of identification credentials so the authorization client can recognize which application is making the call.
Client Secret (OAuth2 only): This is the second half of identification credentials so the authorization provider can recognize which application is trying to authenticate. Along with Client ID, both of these differentiate different applications that use the same authentication provider.
Note
Not all OAuth2 setups will have these details. If they do, then you’ll need to input this information.
Scopes: In this field you can specify how much access this particular authentication allows. This adds an extra layer of security to limit access in case the token is compromised.
Certificate: An additional layer of to security so the authorization provider can confirm who the client is. This is the equivalent of a security badge or sign in key.
Note
If you upload a certificate file in the dashboard, Ada will automatically append the bot’s handle to the end of the file name to specify where the certificate is from.
After saving your Authentication method, you’ll see it listed in the Authentication screen.
 |
You can turn each authentication on/off just like Answers and delete them as well. Be careful though - deleting an Authentication method will break any blocks or Answers that refer to this authentication method.
Sign In Blocks
Once at least one Authentication method is set up in the Settings tab, you’ll be able to use Sign In/Out blocks in your Answers.
 |
To set up a Sign In block, click and drag the Sign In to the Answer where Authentication is required. You can specify the log in prompt, as well as the label for the Sign In button.
Required Fields
Auth Provider: Select the correct Authorization method from those in the Settings tab.
Error Answer: If the Authentication fails, the user will receive the Answer specified here. You might consider creating up a generic Error Answer for failed Authentications, or one specific Error Answer for a particular Answer).
Note
If the user has already signed in from another Answer or prior to opening the chatbot, the Sign In button will appear, but the user won’t need to enter their credentials again.
Sign Out Blocks
The Sign Out block only requires the Auth Provider (set up in the Settings tab) and will sign out the user wherever it occurs. You can feel secure that a user will be signed out as soon as they complete their journey. If you do not add a Sign Out block to your Answer, the user will remain signed in until the authorization token expires.
 |
Have any questions? Contact your Ada team—or email us at help@ada.support.