User Authentication

User Authentication

You can authenticate users to bring highly personalised tasks into your chatbot. Solvemate Authentication is built in a way that you can keep the existing login flow of your website or app, while guaranteeing full security on all chatbot operations.

Authenticated routines allow you to

  • Display sensitive and personalised information in the chatbot
  • Allow the change of sensitive data via the chatbot

That way, you can increase the level of automation on your service tasks and you can make the chatbot your main interface for your service tasks.

User Flow

If users reach an Authenticated Routine in the chatbot, there are two cases:

  1. They are not yet logged in
  2. They are already logged in

1. Not yet logged in

In this case, the user will see a message and a button that brings them to your login page.

chatbot login

Once they are logged you, you can bring them back to the widget and they continue from where they left.

2. Already logged in

In this case, the user will directly see the form to execute their actions.

chatbot login

Technical Overview

Solvemate Authentication uses JWT (JSON Web Tokens). You generate a JWT on your platform and pass it to the Solvemate Widget via JavaScript. The token is then associated with the current user session and can be accessed in your Authenticated Routines, however it’s not stored on the Solvemate Platform.

The secret to generate and validate the JWT is only known to you. Solvemate is not able to generate any tokens and is therefore not able to run Authenticated Routines by its own.

authentication flow

Set JWT via JavaScript

You can pass the JWT to the Solvemate widget with this line of JavaScript:

solvemate('token', 'YOUR-JWT-TOKEN');

The token can be provided on page load or later. It is also possible to set the token while having a conversation on the chatbot. As the token is not stored by Solvemate, you need to set the token whenever you want to allow Authenticated Routines.

If you want to log out a user, you can simply set the token to null.

solvemate('token', null);

Authenticated Routines

To create an Authenticated Routine, you need to first create an integration.

  1. Go to Admin -> Integrations
  2. Click on “Add new integration” and choose “User Authentication”
  3. Define the details like the URL to your login page and save the integration

Once this is done, you can create components based on this integration.

  1. Go to Workspace -> Components
  2. Click on “Add new component” and choose your integration under User Authentication section
  3. Define the Authenticated Routine and save

The JWT is accessible as an event parameter and you can attach it to your API calls.

import logging


logger = logging.getLogger()
logger.setLevel(logging.INFO)


def handler(event, context):
    logger.info('token: %s', event['USER_TOKEN'])
    return 'Hello world!'