1. Home
  2. Kore.ai Conversational Platform
  3. SDKs & APIs
  4. Using Kore.ai APIs

Using Kore.ai APIs

Kore.ai Bots Platform provides access to bot development using secured APIs. All key developer activities like bot creation, bot import and export, training, and publishing are available using these APIs. Key account management activities like managing Bot Builder access, managing admin and bot roles can also be performed via secured public APIs.

To access Bot Platform’s public APIs, the application making the API request requires authentication. Kore.ai uses the JWT (JSON Web Token) mechanism to handle the authentication. For a quick overview of the JWT token, read Introduction to JWT tokens.

Authentication of the API requests involves the following two steps:

  1. Associate API Scopes to an App: As a first step to allow a client application to access the Bots Platform APIs, you first need to associate the client app with the bot. You could create a new app or associate an existing app. As a part of creating the app, you need to select the API scopes for the App, which allows you to provide access to only the selected APIs to the app.
    1. Bot Builder API Scopes: Bot developers can define bot specific API Scopes from the Bot Builder tool.
    2. Bot Admin Console API Scopes: Account administrators can define API Scopes to access any of the bots built in their accounts from the Admin Console.
  2. Generating JWT token: Use the Client ID and Client Secret of the app to generate a JWT token. This token needs to be passed as a part of each API request for authorization.

Associating API Scopes to a Client App from Bot Builder

  1. Hover over the side-navigation panel of the bot and click Apps & Agents.
  2. On the Apps & Agents page, click the API Scopes tab and then click New.
  3. On the New API Scope Mapping page, from the App drop-down list, select an existing client app for authentication. To create a new app, click the Manage Apps link. Learn how to create an app.
  4. Once you select an app, the Client ID and Client Secret section appears. Copy the values.
  5. Under the Scopes section, select the checkboxes next to one or more APIs for which you want the client app to have access. The apps cannot access the APIs that aren’t selected here.

Associating API Scopes to a Client App from Bot Admin Console

  1. On the side-navigation panel of the Bots Admin homepage, click Security & Control > API Scopes.
  2. On the API Scopes page, click New.
  3. On the New API Scope Mapping page, from the App drop-down list, select an existing client app for authentication. To create a new app, click the Manage Apps link.
  4. Once you select an app, the Client ID and Client Secret section appears. Copy the values.
  5. Under the Scopes section, select the checkboxes next to one or more APIs for which you want the client app to have access.

Generating JWT Token

  1. Go to http://jwt.io and scroll down the page to the Decoded section.
  2. Replace the contents in the Payload box with the Client ID of the app as follows:

    Note: The Bot Builder validates the token only when it is generated exactly as “appId”. The platform doesn’t validate tokens generated with any other formats such as “App ID” “appid” or “app ID”.
  3. In the Verify Signature box, enter the Client Secret in the box with the text your-256-bit-secret.
  4. Copy the generated JWT token from the Encoded section on the left.

NOTE: Once enabled, the API Scopes need to be Published. Follow the Publish procedure ensuring that the API Scopes are selected from the API Extensions option.

Articles

Was this article helpful to you? Yes No 1