In the Security & Control module of the Kore.ai Bots Admin Console,
- you can add or modify password policies (on this page),
- configure Single Sign-On (SSO) authentication for your domain users (see here),
- configure and install the Kore.ai Connector agent for Bot communications between Kore.ai and your on-premises applications using custom Kore.ai Bots (see here),
- obtain and reset enterprise key for encryption (see below),
- create app and define API scopes (see below)
- other security settings (see here)
Note: This option is available only if you have not enabled SSO, else the SSO provider password policies are implemented.
On the Kore.ai Password Policy page in the Security & Control module of the Bots Admin Console, you can define and enable minimum password length, requirements for inclusion of special characters, and password expiration policies for Kore.ai account passwords used to log on Kore.ai when Single Sign-On is not used.
Kore.ai password policies give you the capability to ensure all Kore.ai account passwords of users in your account are complex and secure.
You can define password policies to ensure users of your account create and use complex passwords. Long passwords with numerical, alphabetical, and special characters can help to prevent access to Kore.ai accounts by malicious attackers.
The following illustration shows the controls on the Password Policy page in the Security & Control module of the Bots Admin Console.
Password Policy Page Controls
The following table describes the Password Policy page controls.
|Minimum Password Length||Defines the minimum number of characters users can use in a Kore.ai account password|
|Include Numeric Values||Enables or disables the requirement of at least one numerical character in a Kore.ai password.|
|Include Alphabets||Enables or disables the requirement of at least one alphabetical character in a Kore.ai password.|
|Enforce UPPER CASE Letters||Enables or disables the requirement to have at least one upper case letter in a Kore.ai password.|
|Enforce lower case Letters||Enables or disables the requirement to have at least one lower case letter in a Kore.ai password.|
|Include Special Characters||Enables or disables the requirement of at least one special character in a Kore.ai password. Valid special characters are:
! – Exclamation mark
|Enable a password expiration policy||Enables or disables password expiration. If enabled, you can define
|Apply this change to existing users||Enables or disables application of the changes to the current users.|
On the Enterprise Key page in the Security & Control module of the Bots Admin Console, you can view, or regenerate your enterprise data encryption key.
By default, enterprise data, including user data, is automatically encrypted using this key when stored on Kore.ai servers. The encryption key is reissued every 60 days, or whenever manually refreshed by an admin.
To generate a new enterprise data encryption key, click Refresh.
Using this option you can define apps and associate API scopes for accessing various platform features.
- Use the New button to create a new app.
- Select +Create App option from App drop-down.
- Once you enter a name, a Client ID and Client Secret would be generated which can be used to access the platform
- For each app created the following API Scopes can be assigned as per requirement
- Bot Definition includes the scopes for Bot Import, Export and Creation;
- Bot Publish for Publish access;
- Test & Train to include permissions to Train ML and FAQ, Utterances Import & Export;
- Logs to include retrieval capablity of Bot Audit and Admin Console Audit Logs;
- Profile Management to get access to Role Management APIs and to Delete User Data;
- Bot Analytics to be able to retrieve Chat History and Bot conversation Sessions
- User Management scope to manage users;
- Custom Reports scope to retrieve the data associated with custom widgets and reports;
- Knowledge Graph scope to retrieve data associated with Knowledge Graph;
- Channel Management to create and update channels;
- BotKit to configure the botkit and agent transfer;
- Master Admin – assign this scope to get the list of sample bot.
- Once created these apps can be used from within the Bot Builder Platform or externally to access various features by invoking the corresponding public API (see here for list).