Securing Chatbot authentication using JWT

  • Updated on Jan 7, 2025
  • 2 minute(s) read
  • Janeera D A
  • Charulatha Ravichandran
  • Manoharan Soundarraj
 Prev Next

Plans supporting AI chatbot

Professional
Business
Enterprise






JSON Web Token (JWT) is an open standard used to securely transmit information between parties as a JSON object. It allows for authentication and information exchange, ensuring that the data sent is verified and trusted. By implementing JWT for the Eddy AI Chatbot, you can create a secure environment for your private and mixed projects, protecting sensitive information from unauthorized access.

NOTE

To know more about the languages supported by Eddy AI, click here.

You can implement an authentication configuration for the Eddy AI Chatbot using JWT, ensuring a secure environment for Private and Mixed projects.

  1. Navigate to Knowledge base widget () in the Knowledge base portal.

  2. Click Add widget to create a new widget.

    Alternatively, hover over the desired widget and click the Edit (✎) icon to modify an existing widget.

  3. Select the widget type as Chatbot to configure JWT for Eddy AI Chatbot.

  4. In the Configure & connect tab, go to the JWT accordion and enable the JWT toggle.

  1. Client ID: The client ID will be your project’s ID.

  2. Widget ID: Since multiple widgets may exist, a widget ID is provided for their unique purposes.

  3. Token endpoint: This is the HTTP endpoint used to obtain an access token using an authorization code.

  4. Client secret: Click Regenerate to generate the client secret. Ensure you save this for future use, as it will apply to all widgets created moving forward.

NOTE

The Client Secret is required for all future JWT-enabled widgets. It will not be stored within Document360, so keep it securely.

   e. Authorize URL: Paste the authorized URL from your knowledge base widget webpage.

  1. Click Save.

Embed the authorized URL within your code and paste it into the Script section of your webpage to implement a secure, authenticated Chatbot. This setup will prevent unauthorized third-party access. By following these steps, you can successfully implement JWT authentication for the Eddy AI Chatbot, ensuring a secure environment for your projects. After configuring your chatbot, test the setup thoroughly to ensure that everything functions correctly.

NOTE

For more information on implementing the auth endpoint, read the article on Managing the Knowledge base widget.  

FAQs

What should I check if I encounter issues during authentication?

If you experience authentication issues, ensure the following:

  • The client secret and token endpoint are correctly configured.

  • The user is authenticated before making a request to the endpoint.

What are common pitfalls to avoid when implementing JWT?

Here are a couple of common pitfalls to watch out for:

  • Failing to save the client secret after regeneration can lead to authentication failures.

  • Misconfiguring the token endpoint can prevent successful token retrieval.

What should I do if I lose my client secret?

You will need to regenerate a new client secret and update your configuration accordingly.

How can I verify that JWT authentication is working?

Test the authentication flow by attempting to access the Eddy AI Chatbot and checking for the correct access token response.

Related articles