What is the best way to pass credentials to and from Dialogflow
I might be missing this entirely in the documentation, but I'm looking for examples of passing authentication to and from Dialogflow.
The Dialogflow examples I find are open for all users, but I want the Dialogflow interaction to be logged into a specific authenticated user. I setup Google Cloud Identity and Firestore Auth, but I can not find good examples of how to move that authentication information securely through Dialogflow in its requests to the Firestore database. I am using NodeJS on the backend webhooks.
There's no straight-forward option to authenticate a user for Dialogflow fulfillment. A suggestion to handle how to pass credentials and the webhook connection is as follows:
- The end-user authenticates to your server
- The server creates a new session for this conversation in Dialogflow (or validates the current session)
- Your server uses the
payloadfield in the QueryParameters object in the detectIntent request to pass the necessary information to validate the user during the fulfillment - Configure mTLS for your webhook to create a secure connection
- Use the
payloaddata in the webhook request to authenticate the user
EDIT
When using Dialogflow-Messenger, you don't have access to the Dialogflow API directly; however, for the step 3, you can still pass a value to queryParams.payload through the user-id HTML customization.
Here's an example of how to set it dynamically:
const dfMessenger = document.querySelector('df-messenger');
dfMessenger.setAttribute("user-id", YOUR_USER); // Sent to Dialogflow API through queryParams.payload
- hooks.server and page.server authentication infinite loop
- how to use bitbucket access token with JGit instead of user / pass
- Where to store the refresh token on the Client?
- PostgreSQL error: Fatal: role "username" does not exist
- OpenID Connect /Node /React
- AWS Amplify Auth with Cognito User Pool not returning nonce or at_hash claim in JWT id_token
- Best practice for id_token vs. access_token use in AWS Lambda
- Revoking JWT with No Expiration
- How to implement user authentication in Blazor Server with Entra External ID?
- MSAL for non-SPA? Server side authentication?
- Passing authentication from Blazor to API, losing some claims
- How to guard nestjs swagger endpoint
- Google API access without using a private Google account
- How to Validate Current Password Against User Input Using Laravel Validator?
- getPocket API - iOS
- Is it a good idea to add UTC timestamp for API authentication
- Which HTTP response code should I give my application to say that authentication was successful?
- Error:Request failed: bad request (400) login via afnetworking in swift
- What is an API token
- Can you get your Twitter email using the API?
- Keep getting CallbackRouteError fired when trying to use signIn function in (next-)authjs v5
- Navbar not showing the changed value when a state changes
- I tried to change postgresql md5 to scram-sha-256 and I get FATAL password authentication failed
- Google Authenticator on Apple devices, certain secrets are not valid
- Tiktok client key
- REST API Authentication
- robin_stocks Robinhood Authentication Stopped Working
- AppwriteException: User (role: guest) missing scope (account), not able to get account after creating a session
- Jboss 7 custom authenticator
- How do the ASP.NET Core 5 OpenIdConnect authentication cookies work in theory?