Authentication methods
Learn how to configure authentication methods for the requests made by your bot.
The authentication methods are used to configure how the NativeChat servers will authenticate HTTP requests to endpoints specified in steps with type webhook or in dynamic entity data source.
Authentication methods types
To configure the available authentication methods, you open the Authentication methods page located in the Settings tab of your bot.
Currently, Nativechat supports the following authentication methods:
Client certificate
The client certificate (Mutual TLS) authentication method is used when an endpoint requires a private key and a X.509 certificate to be sent for authentication. There are two possible configurations for this method - using personal information exchange file (.p12) or directly providing the private key and the certificate in pem format.
This authentication method also supports providing CA certificates. CA certificate should be provided if an endpoint is using self-signed certificate.
Username and password
This method is useful when the remote service endpoint requires Basic authentication sent with the Authorization header of the request. By specifying the credentials here there’ll be no need to add the header in every endpoint which uses them.
Authentication methods priority
- No authentication (
ignore-authentication-methods=trueor when you selectNo Authenticationin the UI) - This property can be specified in the data-source configuration and if it’s set totrue, no authentication method will be used. authentication-method(or when you select the name of one of your authentication methods in the UI) - This property can be specified in the data-source configuration and if it’s set, the specified authentication method will be used.- Default (when you don’t configure any of the other two properties in JSON or select
Defaultin the UI) - URL starts with filters which are specified in the configuration of the authentication method. The first method which matches the endpoint will be used for the HTTP request. Specifying the same filter in multiple authentication methods will cause unpredictable behavior.
Examples
Cognitive flow
"authMethodsExample": {
"type": "goal",
"display-name": "Example auth methods",
"steps": [
{
"type": "webhook",
"entity": "exampleEntity",
"data-source": {
"authentication-method": "myClientCertificateAuth",
"endpoint": "https://example.com",
"method": "GET"
},
"messages": [
"Request with authentication method returned ."
]
}
]
}
Entity definitions
{
"name": "Example",
"lookup-strategy": "keywords",
"data": [],
"dynamic-data": {
"data-source": {
"authentication-method": "myClientCertificateAuth",
"endpoint": "https://example.com",
"method": "GET",
"headers": {
"Content-Type": "application/json"
},
"payload": {}
},
"value-template": "",
"synonym-templates": []
}
}
Default authentication method selection
{
"name": "Example",
"lookup-strategy": "keywords",
"data": [],
"dynamic-data": {
"data-source": {
"endpoint": "https://example.com",
"method": "GET",
"headers": {
"Content-Type": "application/json"
},
"payload": {}
},
"value-template": "",
"synonym-templates": []
}
}
Disable authentication
{
"name": "Example",
"lookup-strategy": "keywords",
"data": [],
"dynamic-data": {
"data-source": {
"ignore-authentication-methods": true,
"endpoint": "https://example.com",
"method": "GET",
"headers": {
"Content-Type": "application/json"
},
"payload": {}
},
"value-template": "",
"synonym-templates": []
}
}
Somethings missing or not clear?
Ask a question in our community forums or submit a support ticket.