Chatbot Overview
Conversational Bots
Intents & Entities
Intelligent Bots's Approach Conversational Platform
Bot Concepts and Terminology
Natural Language Processing (NLP)
Bot Types
Bot Tasks
Starting with Platform
How to Access Bot Builder
Working with Bot Builder
Building your first Bot
Getting Started with Building Bots
Using the Dialog Builder Tool
Creating a Simple Bot
Release Notes
Latest Updates
Older Releases
Bot Builder
Creating a Bot
Dialog Task
User Intent Node
Dialog Node
Entity Node
Supported Entity Types
Composite Entities
Supported Time Zones
Supported Colors
Supported Company Names
Form Node
Logic Node
Message Nodes
Confirmation Nodes
Service Node
Custom Authentication
2-way SSL for Service nodes
Script Node
Agent Transfer Node
WebHook Node
Grouping Nodes
Connections & Transitions
Managing Dialogs
User Prompts
Alert Tasks
Alert Tasks
Ignore Words and Field Memory
Digital Forms
Digital Views
Knowledge Graph
Importing and Exporting
Knowledge Extraction
Small Talk
Action & Information Task
Action Tasks
Information Tasks
Establishing Flows
Natural Language
Machine Learning
ML Model
Fundamental Meaning
NLP Settings and Guidelines
Knowledge Graph Training
Ranking and Resolver
NLP Detection
Advanced NLP Configurations
Bot Intelligence
Context Management
Session and Context Variables
Context Object
Dialog Management
Amend Entity
Multi-Intent Detection
Sentiment Management
Tone Analysis
Sentiment Management
Default Conversations
Default Standard Responses
Channel Enablement
Test & Debug
Talk to Bot
Utterance Testing
Batch Testing
Record Conversations
Publishing your Bot
Analyzing your Bot
Custom Dashboard
Conversation Flows
Bot Metrics
Advanced Topics
Bot Authorization
Language Management
Collaborative Development
IVR Integration
Data Table
Universal Bots
Enabling Languages
Smart Bots
Sample Bots
Travel Planning
Flight Search
Event Based Bot Actions
koreUtil Libraries
Bot Settings
Bot Functions
General Settings
PII Settings
Customizing Error Messages
Manage Sessions
Bot Management
Bot Versioning
Using Bot Variables
API Guide
API Overview
API List
API Collection
SDK Overview
SDK Security
SDK App Registration
Web SDK Tutorial
Message Formatting and Templates
Mobile SDK Push Notification
Widget SDK Tutorial
Widget SDK – Message Formatting and Templates
Web Socket Connect & RTM
Using the BotKit SDK
BotKit SDK Tutorial – Agent Transfer
BotKit SDK Tutorial – Flight Search Sample Bot
Using an External NLP Engine
Bot Administration
Bots Admin Console
User Management
Managing Users
Managing Groups
Managing Role
Bots Management
Inviting Users
Bulk Invites
Importing Users
Synchronizing Users from AD
Security & Compliance
Using Single Sign-On
Security Settings
Cloud Connector
How Tos
Creating a Simple Bot
Creating a Banking Bot
Transfer Funds Task
Update Balance Task
Context Switching
Using Traits
Schedule a Smart Alert
Configure Digital Forms
Add Form Data into Data Tables
Configuring Digital Views
Add Data to Data Tables
Update Data in Data Tables
Custom Dashboard
Custom Tags to filter Bot Metrics
Patterns for Intents & Entities
Build Knowledge Graph
Global Variables
Content Variables
Using Bot Functions
Configure Agent Transfer
  1. Home
  2. Docs
  3. Bots
  4. Bot Administration
  5. Security & Compliance
  6. Security & Control Module Overview

Security & Control Module Overview

In the Security & Control module of the Bots Admin Console,

  • you can add or modify password policies (on this page),
  • configure Single Sign-On (SSO) authentication for your domain users (see here),
  • configure and install the Connector agent for Bot communications between and your on-premises applications using custom Bots (see here),
  • obtain and reset enterprise key for encryption (see below),
  • create app and define API scopes (see below)
  • other security settings (see here)

Password Policy

Note: This option is available only if you have not enabled SSO, else the SSO provider password policies are implemented.

On the Password Policy page in the Security & Control module of the Bots Admin Console, you can define and enable minimum password length, requirements for inclusion of special characters, and password expiration policies for account passwords used to log on when Single Sign-On is not used. password policies give you the capability to ensure all account passwords of users in your account are complex and secure.
You can define password policies to ensure users of your account create and use complex passwords. Long passwords with numerical, alphabetical, and special characters can help to prevent access to accounts by malicious attackers.

The following illustration shows the controls on the Password Policy page in the Security & Control module of the Bots Admin Console.

Security Module Password Policy Page

Password Policy Page Controls

The following table describes the Password Policy page controls.

Minimum Password Length Defines the minimum number of characters users can use in a account password
Include Numeric Values Enables or disables the requirement of at least one numerical character in a password.
Include Alphabets Enables or disables the requirement of at least one alphabetical character in a password.
Enforce UPPER CASE Letters Enables or disables the requirement to have at least one upper case letter in a password.
Enforce lower case Letters Enables or disables the requirement to have at least one lower case letter in a password.
Include Special Characters

Enables or disables the requirement of at least one special character in a password. Valid special characters are:

! – Exclamation mark
@   At Symbol
#   Number symbol
$   Dollar symbol
^  Caret symbol
&   Ampersand
*   Asterisk
_   Underscore
   Double quotes

Enable a password expiration policy

Enables or disables password expiration. If enabled, you can define

  • a password validity period in days between 1 and 365; and
  • expiration notification as the number of days/hours before expiry date – 24hrs, 7days or 14days.
Apply this change to existing users Enables or disables application of the changes to the current users.

Creating a Password Policy

Enterprise Key

On the Enterprise Key page in the Security & Control module of the Bots Admin Console, you can view, or regenerate your enterprise data encryption key.

By default, enterprise data, including user data, is automatically encrypted using this key when stored on servers. The encryption key is reissued every 60 days, or whenever manually refreshed by an admin.

To generate a new enterprise data encryption key, click Refresh.

API Scopes

Using this option you can define apps and associate API scopes for accessing various platform features.

  1. Use the New button to create a new app.
  2. Select +Create App option from App drop-down.
  3. Once you enter a name, a Client ID and Client Secret would be generated which can be used to access the platform
  4. For each app created the following API Scopes can be assigned as per requirement
    • IntentIdentification includes the scopes for Intent and Entity Detection;
    • Bot Definition includes the scopes for Bot Import, Export and Creation;
    • Bot Publish for Publish access;
    • Test & Train to include permissions to Train ML  and FAQ, Utterances Import & Export;
    • Logs to include retrieval capablity of Bot Audit and Admin Console Audit Logs;
    • Profile Management to get access to Role Management APIs and to Delete User Data;
    • Bot Analytics to be able to retrieve Chat History and Bot conversation Sessions
    • User Management scope to manage users;
    • Custom Reports scope to retrieve the data associated with custom widgets and reports;
    • ManageKnowledgeGraph scope to export and manage the complete definition of the Knowledge Graph;
    • Channel Management to create and update channels;
    • BotKit to configure the botkit and agent transfer;
    • Master Admin – assign this scope to get the list of sample bot.
  5. Once created these apps can be used from within the Bot Builder Platform or externally to access various features by invoking the corresponding public API (see here for list).