Mindset AI Documentation
  • General
    • Welcome
    • AI and Security
      • AI Guidelines
      • Security Q&A
      • AI Buyers Guide
  • Platform
    • Overview
    • Features
      • Welcome workflow
        • How to configure the Welcome workflow
        • Welcome workflow best practices
      • Onboarding workflow
        • How to configure the Onboarding workflow
        • Onboarding best practices
        • How to configure Single Sign-On (SSO)
        • How to Configure Multi Factor Authentication (MFA)
      • Knowledge workflow
        • Content Discovery
          • How to configure Content Discovery
          • Setting up the Content Discovery carousels
          • ‘Trending’ carousel calculations
        • Knowledge Banks
          • How to configure a Content Knowledge Bank
          • Learn about Synced Knowledge Banks
          • How to create Speakers
          • How to exclude Content from being visible
          • How to process PDF files
          • How to process SCORM files
          • Knowledge Bank best practices
          • Prompts
            • How to configure Prompts
            • Prompts best practices
        • Events
          • How to configure External Events
          • How to Configure Live Streaming Events
        • Knowledge workflow FAQs
      • Agents
        • How to configure the Agent workflow
          • How to add an Agent Disclaimer message
        • How to create Agents
          • Settings
          • Personality
          • Policy
          • Capabilities
            • Capabilities best practices
          • Tools
          • LLM (Beta)
          • Design
          • Knowledge
          • Bias
          • Testing
          • Preview
          • Access
        • Language Translation within Agents
    • Design
      • Navigation
      • Branding
      • Thumbnail Design
      • Images
        • SVG Images
        • Selecting the Right Image for your Application
    • Accounts
      • How to configure Accounts
      • How to configure Account branding
      • How to invite end-users to an Account
    • Humans
  • Developers
    • Embed SDK
      • Embed an AI agent: step by step guide
      • How to embed an agent in your site
      • Testing your Embedded Agent
      • Authentication
    • Mindset API
      • Mindset Public APIs
      • HTTP API
        • API Key authentication
        • API Servers
        • api-authenticate-embedded-user
      • REST API
        • Contexts API
        • Context Files API
        • Labels API
  • Analytics
    • Overview
    • ThoughtSpot
      • ThoughtSpot FAQs
        • Adding a logo or image to a liveboard
        • There is data missing from liveboard
        • Exporting raw data
        • Exporting data to a csv file
        • How to add a note to a liveboard
        • How to pin in a liveboard
        • Editing individual data visualizations in a liveboard
        • Thoughtspot Alerts
    • Connecting a BI tool
  • Integrations
    • Overview
      • Choosing Data for your Agent
      • Supported Files
    • Content management
      • Google Drive
        • Google Drive Integration Set-Up
      • SharePoint
        • SharePoint Integration Set-Up
      • Hubspot
      • Podbean
      • Wistia
      • WordPress
      • Dropbox
    • Communication
      • Microsoft Teams
      • Slack
    • Customer Management and Payment
      • Hubspot
      • Stripe
  • Support
    • Contacting support
    • Taking a screenshot on any laptop
    • Resizing & compressing images
    • Performing a hard refresh
    • Application loading time
    • Raise a support ticket
    • Service Level Agreement (SLA)
  • Mindset AI Website
  • Book a Demo
Powered by GitBook
On this page

Was this helpful?

  1. Developers
  2. Embed SDK

Authentication

PreviousTesting your Embedded AgentNextMindset API

Last updated 10 months ago

Was this helpful?

See also

Authentication

Overview:

The Mindset SDK employs an authentication mechanism that uses an authentication token. This token is pivotal in linking the client-side session to a user account within the Mindset platform. The process ensures a seamless integration of user sessions with the platform's functionalities.

The authentication approach is two-fold:

  1. Existing User Linkage: If the user already exists in the Mindset platform, the authentication process will generate a token that links the current client-side session to this existing user account. This facilitates a continuous and integrated experience for returning users.

  2. Automatic User Creation: In cases where a user does not exist on the platform, the authentication process automatically triggers the creation of a new user account based on the provided email address. A corresponding authentication token is generated, linking the new user account to the client-side session. This streamlined process ensures new users are smoothly onboarded without additional manual steps.

The authentication token is a critical component in this process, serving as the key to accessing and interacting with the SDK's features while maintaining user-specific contexts and preferences.

Client Authentication Token Generation:

A secure server-side HTTP POST request is made to the Mindset authentication endpoint to generate the AUTH-TOKEN-FOR-CURRENT-USER. This process involves sending user identification details (such as email address) and your application credentials.

POST https://MINDSET-API-HOST/api-authenticate-embedded-user

Authorisation Header:

You must supply an API key header with your request.

API keys are managed in the app admin UI.

The header should be passed as:

x-api-key: YOUR-API-KEY

Request Body:

The body of the request should include:

  • userEmail (String): The email address of the user to authenticate.

  • addToAccounts (optional, array) You can specify one more accounts to automatically add this user to. This to allow embedded agent user sessions to be granted access to restricted agents. Each element of the array should be of the form {"accountUid":"<UID-OF-ACCOUNT-TO-ADD-USER-TO"}

Example JSON body:

{
  "userEmail": "USER-EMAIL-ADDRESS"
}
{
    "userEmail":"USER-EMAIL-ADDRESS",
    "addToAccounts":[{"accountUid":"firstaccountid1234"}
}

Server-Side Authentication:

  • Critical: The authentication process must be handled server-side. This is to ensure the security of your API key and the overall integrity of the user authentication process.

  • Upon successful authentication, the API returns an authentication token. This token is then used in subsequent SDK function calls to authenticate the user.

User Account Handling:

  • An authentication token will be generated if a user with the provided email address exists in your application.

  • If no such user exists, a new user account will be created using the provided email address, and an authentication token will be generated.

Security Considerations:

  • API Key Confidentiality: Keep your API key confidential. It should be securely stored and never exposed in client-side code.

  • Authentication Tokens: Handle authentication tokens securely. They should be transmitted and stored using secure methods to prevent unauthorized access.

Example Server-Side Usage:

// Example Node.js code to make a server-side HTTP POST request for user authentication
// Adapt this example based on your server-side programming environment

const fetch = require('node-fetch');

const requestBody = {
  userEmail: "user@example.com"
};

fetch('https://MINDSET-API-HOST/api-authenticate-embedded-user', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'x-api-key': 'YOUR-API-KEY'
  },
  body: JSON.stringify(requestBody)
})
.then(response => response.json())
.then(data => {
  console.log('Authentication Token:', data.authToken);
})
.catch((error) => {
  console.error('Error:', error);
});
https://docs.mindset.ai/developers/mindset-api/rest-api/api-authenticate-embedded-user