Let chatters sign into your website

Overview

In some Answer flows, you may either serve chatters with sensitive data, or give them the chance to make changes to their account, orders, bookings, etc. In these cases, you should authorize chatters by asking them to sign in to their account.

Sign-in confirms the chatter is the person they claim to be and should be done before you share any sensitive data. Sign-in generates an authentication token that you can use to call APIs that require an OAuth token in order to return account-specific information to the chatter. After authentication, you can securely provide chatters with a more detailed and personalized experience by sharing information (such as balances, due dates, credits, etc.) or making changes to their account.

For more information on use cases and data sensitivity, see Protect chatter data using verification and authentication.

Authentication setup

The first step in adding authentication to your bot is to set up the details of the authentication method in Settings > Authentication.

Click the blue New Authentication button to get started.

In this new screen, you’ll need to fill in the following fields.

Required information

Name: A title used to differentiate different authentication methods used in the chatbot. You can write anything here as long as it helps you differentiate from other methods you may use.

Type: The standard/protocol your authentication method follows (currently Ada's Sign In block supports OAuth 2.0 Authorization Code grant type).

Token URI: This is the address that the chatbot calls to receive a token if user credentials are valid. This token keeps a user verified for a specified amount of time.

Redirect URI: This is the address the user is returned to after a successful authorization. It will be formatted as {chatbot_handle}.ada.support/api/oauth/{auth_integration_name}.

Auth URI: This is the address that the chatbot calls to authenticate the user. It specifies where the user's credentials need to be confirmed.

Client ID (OAuth2 only): This is the first half of identification credentials so the authorization provider can recognize which application is making the call.

Client Secret (OAuth2 only): This is the second half of identification credentials so the authorization provider can recognize which application is trying to authenticate. Along with Client ID, both of these differentiate different applications that use the same authentication provider.

Note

Not all OAuth2 setups will have these details. If they do, then you’ll need to input this information.

Scopes: In this field you can specify how much access this particular authentication allows. This adds an extra layer of security to limit access in case the token is compromised.

Certificate: An additional layer of security so the authorization provider can confirm who the client is. This is the equivalent of a security badge or sign-in key.

Note

If you upload a certificate file in the dashboard, Ada will automatically append the bot’s handle to the end of the file name to specify where the certificate is from.
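The sketch below shows where each field above is used in a standard OAuth 2.0 Authorization Code exchange (RFC 6749). It is an added example, not Ada's code or part of the original page: the endpoints, bot handle, integration name, credentials and scope are constructed placeholders, and the `state` parameter is the standard OAuth request-binding value, which is not one of the dashboard fields.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed sample values; none of these come from Ada or a real provider.
CONFIG = {
    "auth_uri": "https://idp.example.com/oauth2/authorize",
    "token_uri": "https://idp.example.com/oauth2/token",
    "redirect_uri": "https://examplebot.ada.support/api/oauth/example_idp",
    "client_id": "example-client-id",
    "client_secret": "example-client-secret",
    "scopes": ["account.read"],  # request only what the Answer needs
}

def build_authorization_url(cfg):
    """Step 1: send the chatter's browser to the Auth URI."""
    state = secrets.token_urlsafe(32)  # unguessable; ties the callback to this request
    query = urlencode({
        "response_type": "code",
        "client_id": cfg["client_id"],
        "redirect_uri": cfg["redirect_uri"],
        "scope": " ".join(cfg["scopes"]),
        "state": state,
    })
    return f'{cfg["auth_uri"]}?{query}', state

def read_callback(callback_url, cfg, expected_state):
    """Step 2: the provider redirects to the Redirect URI with code and state."""
    got, want = urlparse(callback_url), urlparse(cfg["redirect_uri"])
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered Redirect URI")
    params = parse_qs(got.query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback was not started by this session")
    if "error" in params or "code" not in params:
        raise ValueError("authorization was denied or returned no code")
    return params["code"][0]

def build_token_request(code, cfg):
    """Step 3: server-side POST to the Token URI, exchanging the code for a token."""
    body = {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": cfg["redirect_uri"],  # must equal the value sent in step 1
        "client_id": cfg["client_id"],
        "client_secret": cfg["client_secret"],  # server-side only, never via the browser
    }
    return cfg["token_uri"], urlencode(body)
```

Some providers expect the Client ID and Client Secret in an HTTP Basic `Authorization` header on the token request rather than in the form body; check your provider's documentation.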

After saving your authentication method, you’ll see it listed in the Authentication screen.

You can turn each authentication on/off just like Answers and delete them as well. Be careful though — deleting an authentication method will break any blocks or Answers that refer to this authentication method.

Sign In blocks

Once at least one authentication method is set up in the Settings tab, you’ll be able to use Sign In/Out blocks in your Answers.

To set up a Sign In block, click and drag the Sign In block to the Answer where authentication is required. You can specify the login prompt, as well as the label for the Sign In button.

Required fields

Auth Provider: Select the correct authorization method from those in the Settings tab.

Error Answer: If the authentication fails, the user will receive the Answer specified here. Consider creating a generic Error Answer for failed authentications, or one specific Error Answer for a particular Answer.

Note

If the user has already signed in from another Answer or prior to opening the chatbot, the Sign In button will appear, but the user won’t need to enter their credentials again.

Sign Out blocks

The Sign Out block signs out the chatter from the bot wherever you add it to your flow. If you don't add a Sign Out block to your Answer, the user remains signed in until the authorization token expires. To set up the block, choose the relevant Auth Provider which you previously configured in the Settings tab.

Note

The Sign Out block only signs the user out from the bot. It will not log the user out of their web experience.

Have any questions? Contact your Ada team—or email us at help@ada.support.