Skip to main content
Version: 1.4.0

Service Account

This section will explain: how the developers can use service accounts to manage different authorizations of the APIs provided by the platform.

What is Service Account?

A service account is a virtual account used to invoke the platform's open APIs for building dialog capabilities. Once the service account is authenticated, developers can directly config the agent's data and properties through APIs without operation on the web pages.

What is Open Platform?

The Open Platform provide all APIs for developers to communicate with the agent through HTTP requests. You can directly call those APIs to:

  • Integrate with IM system to get response from the chatbot.
  • Config the data of the agent.
  • Get analytics data of the agent.
  • Get partial NLU result.

Create and Use the Service Account

To ensure the security of the API, the following parameters need to be appended to the Request Headers object each time the API is needed: Account ID and secret for authentication.

Create SService Account

  1. On the Service Account page, click the "+CREATE" button to create a new service account and get the account ID and Secret.

  2. If you need to change your account secret, click on "Reset Secret" in the line you want to reset.

Call APIs in Open Platform

The open platform provides various APIs, you can use them by sending an HTTP request to the conversation AI platform server address and input parameters to the request as required, and the agent will return the result back.

When requesting open platform APIs, you need to use HTTPS protocol, JSON data format and UTF-8 encoding. If you use POST requests, you need to set Content-Type : application/json in HTTP Headers.

Basic Structure of an API:

- Endpoint: the server addresss where you deploy the server.
- version: version of the API, check in the API doc.
- type: type of the API, check in the API doc.
- action: actions you want to perform, such as "user-attribute/create" is the action you want to create a user attribute.

The detailed information about open platform can be found in the APIs Doc

Authentication by service account

In order to ensure the security of the open platform interface invocation, it is necessary to authenticate the usage of APIs through the service account.

The authentication of the request is performed using the four Api-Auth-xxx key-value pairs in the HTTP Request Headers.

curl sample command:

curl -X POST \
-H 'Api-Auth-pubkey: {{pubkey-value}}' \
-H 'Api-Auth-nonce: {{nonce-value}}' \
-H 'Api-Auth-sign: {{sign-value}}' \
-H 'Api-Auth-timestamp: {{timestamp-value}}' \
-H 'Content-Type:application/json'
-d '{ \
"nickename": "curl_user",
"user_id": "curl_user_id"

PS: 4Api-Auth-xxx values need to be placed by real data.

The steps are as follows:

  1. Get an account ID and a Secret:

  2. To ensure the security of the API call, the following check parameters need to be appended to the request Headers object (Request Headers) each time the API is requested.

Api-Auth-pubkeyAccount ID
Api-Auth-nonceA random number generated by the caller. There is no limit to the number of bits, and the random number cannot be repeated in each request within one minute.
Api-Auth-signGenerated by "Secret" and random number "Api-Auth-nonce". Seedemo
Api-Auth-timestampThe second-level timestamp when the server generates the random number.