Our architecture currently has all public access going through Kong. It validates all incoming requests contain a valid JWT. Is there a way to tell Google Action to include the JWT when configuring the webhook fulfillment?
Asked
Active
Viewed 140 times
4
-
Is it expecting the JWT as a header or via some other method? Does the JWT used have an expiration? Are you using Dialogflow or actions.json to configure your Action? – Prisoner Jan 18 '18 at 23:41
-
I think Kong can be configured to check a header field or a query parameter. Yes on expiration. Dialogflow. – kailoon Jan 18 '18 at 23:58
-
I'm also wondering about this. The docs are not clear about this, but as far as I found out, the jwt is not included in dialogflow requests at all. Do you already have any solution, @kailoon? – Toni Mar 06 '18 at 12:48
-
Unfortunately, we had to work around it in our architecture. – kailoon Mar 29 '18 at 15:26