. API  . API Overview

API Overview

Kore.ai Virtual Assistant (Bot) platform is used to build the Kora Enterprise Virtual Assistant. There might be cases where you might want to interact directly with the bot to customize it’s behavior. For this you can use the secured public APIs that the platform offers.

This document details the steps you need to take in order to  access these APIs and a list of APIs you can access.

API Authorization

To access Kora’s public APIs, the user making the API request requires authentication. See below on how to obtain the user details. Kora support two types of authentication headers while invoking the APIs:

  1. Auth Header: (Preferred and Secured)
    You can generate a JSON Web Token (JWT) (see below for how) for the userId  that needs access to the API, sign it with the userToken and pass it in the request header of the API as follows:
    "auth": "<JWT token>"
  2. Token Header:
    Directly pass the userToken in the request header as follows:
    "token": "<userToken>"

Capturing User Details

Kora user details are provided in the skill bot context under session context in the following path: context.session.BotUserSession.lastMessage.messagePayload.botInfo.customData

You can access the various details as follows:

var customData = context.session.BotUserSession.lastMessage.messagePayload.botInfo.customData;
var firstName = customData.fN;
var lastName = customData.lN;
var email = customData.email;
var userid = customData.userId;
var userToken = customData.userToken;    //user token to access the public APIs
var tenantMeta = customData.tenantMeta;  //applicable only for SAML SSO users for additional profile meta

Generating JWT

The API request authentication can be achieved through JWT token. For a quick overview of the JWT token, read Introduction to JWT tokens. Following are the steps to obtain this token:

  1. You would need the userId and userToken as mentioned in the above section.
  2. Go to http://jwt.io and scroll down the page to the Decoded section.
  3. Set Algorithm to HS256
  4. Replace the contents in the Payload box with the following:
    { "userId": "<user Id>",  
      "sub”: "Subject_Claim", 
      "iat":  Issued_At_timestamp}
  5. In the Verify Signature box, enter the userToken
  6. The Encoded section would contain the generated JWT token.

API Listing

Following APIs are available: