1

Within Watson Assistant WebHook setup, if the URL for the external API to be invoked from a dialog node requires Oauth 2.0 authentication can this level of authentication be supported from the WebHook using the header, and basic auth fields provided?

data_henrik
  • 16,724
  • 2
  • 28
  • 49
mhm-gmf
  • 11
  • 1
  • yes, have you tried it? – data_henrik Sep 07 '22 at 14:54
  • Watson Assistant has several webhook capabilities can u provide a link to the one you are referring to – Dudi Sep 08 '22 at 15:13
  • @data_henrik No, I have not tried it yet. We're working on setting up an end-point, and the creation of the token that can be passed in as part of the header. I wanted to confirm that passing the Oauth key and bearer token as as part of the WebHook header would not encounter an issues from the Watson Assistant support. – mhm-gmf Sep 12 '22 at 15:02
  • @Dudi We're looking at using the WebHook call from the Dialog. Pre & Post msg WebHook processing won't meet our needs. – mhm-gmf Sep 12 '22 at 15:05
  • Apologies for the late reply. The token will be passed into Watson at the start of the dialog for use by the Webhook. The token will not be generated at the Watson layer. – mhm-gmf Jan 24 '23 at 20:32

1 Answers1

0

Not so easy at all, but still possible. You can use a Cloud Function (FaaS) to implement the OAuth 2.0. This function can provide you the token in the response and WA can save it into the context. Then, another webhook/function can access to WA context to get the token and use it within the header of the API Call. At this point, you could wonder why wouldn't be better to do the whole authentication phase into a single cloud function. Well, the point is that Functions must be quick and be able to executed within a certain amount of time before the timeout is triggered.

Giacomo Bartoli
  • 730
  • 3
  • 9
  • 23
  • We are anticipating to store the bearer token in the "private" context and access the token from there as part of the WebHook header reference. – mhm-gmf Sep 12 '22 at 15:06
  • That might work, but does the bearer token comes to you directly? Don't you need to generate it? – Giacomo Bartoli Sep 13 '22 at 16:36