Configure Message Authentication for inbound communication

Watch

Save as PDF

Share this page

Feedback

Extend Now Platform capabilities

HomeVancouver Now Platform CapabilitiesExtend Now Platform capabilitiesConversational InterfacesVirtual AgentBuilding and deploying Virtual AgentUsing Virtual Agent APIConfigure Message Authentication for inbound communication

Table of Contents

Configure Message Authentication for inbound communication

Release version:
Vancouver
Yokohama
Xanadu
Washington DC
UpdatedAug 3, 2023
3 minutes to read

Vancouver
Virtual Agent

The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.

You can configure Message Authentication for the Virtual Agent API instead of Basic or OAuth. Message Authentication involves configuring either Static or Hash tokens, setting up Provider Authentication, and setting the channel identity.

Before you begin

Follow the steps in Review the inbound REST endpoint and configure inbound authentication.

Role required: admin

Procedure

Configure the token by doing one of the following, depending on the token type:

Static token:

Navigate to All, and then enter token_verification.list in the filter.
Click New.

On the Token Verifications form, fill in the fields.


Field	Description
Name	Name of the authentication token, such as `B2BTestAppAuthToken`.
Description	Description of the authentication token, such as `B2B Testing application Auth Token`.
Token	Enter an authentication token that you generated using any general programming or scripting language, or click Generate Secure Token in the Related Links.

Click Submit.

Hash token:

Navigate to All, and then enter hash_message_verification.list in the filter.
Click New.

On the Hash Message Verification form, fill in the fields.


Fields	Description
Name	Name of the authentication token, such as `B2BTestAppAuthToken`.
Description	Description of the authentication token, such as `B2B Testing application Auth Token`.
Secret	Authentication token (random string).

Click Submit.

Set up Provider Authentication for token-based authentication.

Navigate to All, and then enter message_auth.list in the filter.
Click New.

On the Message Auths form, fill in the fields.

Search:


Field	Description
Name	Name of the message authentication, such as `B2B Auth token`.
Provider	Name of the provider.
Group name	Not required.
Service Portal	Not required.
Inbound message verification	Select the Static token or Hash message token that you created.
Outbound message creation	This field is currently not supported in the Virtual Agent API. Select the Static token or Hash message token that you created.
Outbound service token	This field is not currently supported in the Virtual Agent API.

Click Submit.

Set the channel identity.
1. Navigate to All, and then enter sys_cs_provider_application.list in the filter.
2. Select the VA Bot to Bot Provider Application record to open it.
3. In the Provider Channel Identity form, locate the Message auth field and select the message auth that you set up previously.
4. Click Update.
For Hash token-based authentication only, send the x-b2b-signature in the request headers.
The value is the HmacSHA1 encoded value of the request payload, which uses the token created in the ServiceNow instance. For example, in Postman, follow these steps:
1. In the Headers, set the x-b2b-signature to {{hashValue}}.
2. In the Pre-request Script area, set the token as follows:
```
pm.environment.set('hashValue', CryptoJS.HmacSHA1(JSON.stringify(JSON.parse(request.data)), '<insert your token>').toString(CryptoJS.enc.Hex));
```