Hi everyone! I’m having some trouble trying to figure out how to use JWT based authentication and I was hoping someone could point me to the right direction
Documentation states that "Requests to the server need to contain a valid JWT token in the Authorization header that is signed using this secret and the HS256 algorithm.
The user must have username and role attributes. If the role is admin, all endpoints are accessible. If the role is user, endpoints with a sender_id parameter are only accessible if the sender_id matches the user’s username."
I was wondering how is it possible to assign to user an username and role attributes?
Another question is what could be going wrong in my request (jwtToken is matching --jwt-secret in rasa run command):
Hi @carla.lmeida, thanks for your question. As you pointed out correctly, you need to attach an Authorization header with a signed JWT to your request. The payload of that JWT needs to be a dictionary with a user field, containing a dictionary with username and role fields. Here’s one way of achieving this in python:
@ricwo
In my case I am using socket.io in angular to connect with rasa by specifying user_uttered and bot_uttered. Its working perfectly fine and im able to communicate with the server without any hassles. I want to JWT based authentication for some actions. How can i pass jwt token from the angular file itself. The documentation is not detailed. There mus be a step by step guide for achieving that too.
hello, could you please guide me how you implemented JWT authentication on rasa server. I ran my chatbot using
rasa run
-m models
–enable-api
–log-file out.log
–jwt-secret thisismysecret
Still I am able to request the server without providing any jwt token while hitting the chatbot API.
Thanks in advance