Orbita has several built-in providers that you can configure for authentication. You can also configure third-party Oauth providers such as Social media sites including Facebook, Twitter, Microsoft, Amazon, and more. Oauth is an authorization framework specifically built for HTTP APIs that let the users grant access to an application to use their user data.

...

This web service lets you add user sign-up, sign-in, and access control to Orbita.

Amazon Cognito

1. Go to console.aws.amazon.com

2. Log in with your credentials when prompted.

3. In the AWS Management Console, under the Security, Identity, & Compliance, select Cognito.
   

   Image Added

4. On the Amazon Cognito home screen, select Manage User Pools.
   

   Image Added

Create a user pool

...

1. Click on the Create user pool button.
   

   Image Added

2. Give a user pool name and click on the Review defaults button.
   

3. Click on Review default settings

4. Accept the terms and click Image Added

5. You will be navigated to the review screen. Click on the Create pool button.
   

   Image Added

6. Your User pool is created successfully.
   

   Image Added

General Settings

App client

1. Select the User pool.

2. Navigate to the side Side menu > General Settings >App clients.
   

   Image Added

3. Click on the Add an app client button
   

   Image Added

4. Give a name for the app client.
   

   Image Added

5. Configure the rest of the settings as you require (for this example, we use the default settings)Click .

6. Scroll down to the end of the page and click on Create app client.
   

   Image Added

7. Note the Client ID App client id. (Client ID is a publicly exposed string that is used by the service API to identify the application and is also used to build the authorization URLs that are presented to the users.
   

   Image Added

8. Click on the Show Details button to view the App client secret.
   

   Image Added

App Integration

App client settings

1. Navigate to the side Side menu > App integration > App client settings.
   

   Image Added

2. Click on the Cognito User pool check box.
   

   Image Added

3. Fill in the Callback URL with the chatbot endpoint.
   Eg: https://sandbox15.orbita.cloud:8443/oeapi/bot/docflow

4. Use the https://<domain-name>.orbita.cloud:8443/oeapi/logoutfor the signout Sign out URL.
   Enable

   Image Added

5. Under OAuth2.0 > Allowed OAuth Flows, enable Authorization code grantand Implicit grant.

6. Under the Allowed OAuth scopes, check everything except the aws.cognito.signin.user.admin.

7. Click save Save changes.
   

   Image Added

Domain name

1. Navigate to the side Side menu > App integration > Domain name.
   

   Image Added

2. Enter a domain Domain prefix and click on the Check Availability button
   

   Image Added

3. You will be notified about the availability of the domain name.
   

   Image Added

4. Click on Save changes.
   

   Image Added

Orbita Experience

...

Global menu > providers.

Manager

Provider Settings

1. Login to Experience Manager. Navigate to Global Settings and User profile menu > Settings > Provider.
   

   Image Added

2. On the provider listing screen, click on the icon to Add a provider.
   

   Image Added

3. Give a provider name without spaces.

4. In the Authorization URL field, enter the <Custom-Domain-URL>/oauth2/authorize.

5. In the Token URL field, enter the <Custom-Domain-URL>/oauth2/token.
   

   Image Added

6. Enter the Client ID that is generated while adding the app client in App client id from Cognito.

7. Enter the Client Secret that is generated while adding the app client in App client secret from Cognito.

8. The Enter callback URL is our URL for Orbita.
   . eg: https://<domain-name>.orbita.cloud:8443/api/auth/<provider-name>/callback
   

   Image Added

9. As we have enabled multiple scopes in the Cognito > app client settings, you can provide any of those scopes here.

10. When an account is linked, a placeholder user is created in Orbita. The user is created using the persona type specified in the drop-down menu. Select any one of these. (In this example, we selected patient persona).
    

    Image Added

11. Profile options will fetch and store the information of the logged-in user from the client’s database.
    A Json code that contains the URL, header, method, body, and attributes is to be used in this field to get the data.Save the Provider.
    In this example, we used the below code.

    Code Block
    { "url": "https://sandbox15..auth.us-east-2.amazoncognito.com/oauth2/userInfo", "method": "GET", "header": { "content-type": "application/json", "Authorization": "Bearer __ACCESS_TOKEN__" }, "attributes": { "id": "email", "firstName": "name", "lastName": "given_name" } }

12. Click on the button to save the Provider.

Adding the Provider to a Project

1. Navigate to the project listing screen.

2. Click on the verticle ellipses against the project and click on Edit.
   

   Image Added

3. Select the OAuth provider as Cognito.from the dropdown.
   

   Image Added

4. Click on Update.
   

   Image Added

Testing the integration

1. Load the chatbot.

2. Click on the login button when prompted to log in. See How to use Login Directive
   

   Image Added

3. When you click the Login button, you will be navigated to the Cognito authentication page in a new tab.
   

   Image Added

4. Login with an existing account or create a new one using the Sign-up link.

5. The If you set the user pool is set to require further authentication to log in.After successful authentication, you are now logged into the chatbot., it will ask for a verification code.

6. Enter the verification code to get logged into the chatbot.

7. You will be navigated back to the chatbot upon successful authentication.

Related Articles