Set up OAuth2 clients
Before you can use OAuth2-based authentication, you need to set up an OAuth2 client. You can set it up in Studio for testing purposes, and in Control Room for deployment purposes.
The client setup may differ for use in Studio and deployment to Work Room. Refer to the article in this section for detailed instructions on how to set up OAuth2 client providers for various services.
In Studio
Having the OAuth2 client set up in Studio is very useful for testing your agent. However, you can't publish the client configuration with the agent to Control Room. For deployment, you need to set up the client separately in Control Room.
- In Studio, go to Settings.
- Select the Clients tab.
- Locate the card of the service you're setting up OAuth2 for.
- Fill in the required details.

With the client ready, when you deploy in Studio and chat with an agent that contains an action with an OAuth2 requirement, you'll first see a prompt to connect.

Click Connect. The regular OAuth2 flow will initiate, and you'll be asked to grant the agent the necessary permissions.
If you see "Configure client" instead of "Connect", it means you don't have the appropriate OAuth2 client set up in Studio.
Export and share OAuth2 client configurations
You can export the OAuth2 configuration from Studio to your computer. This is useful when you wish to test an agent collaboratively with your colleagues. When you give them the exported configuration, they can import it into their Studio to save time.
In Control Room
Enable your Work Room users to work with agents that require OAuth2 authentication by setting up the client in Control Room. The end users in Work Room don't need to set up anything; they only log in to the particular service using the web interface and approve the required permissions of the client.
- In Control Room, go to Configuration.
- Select OAuth Providers.
- Click OAuth Provider.
- Type a name for the new OAuth2 configuration.
- Select the service you're setting up the client for.
- Type or paste the values for the required fields, such as Client ID or Client Secret.
- Click Create.

When you deploy an agent from Control Room to Work Room, in the 2nd step of the deployment configuration, select the OAuth2 client you set up.
Your secrets are safe.
All secret configuration values you set up in Control Room are safe because they're stored in your organization's VPC. Sema4.ai can access only the basic metadata to show you the secrets you have set up in Control Room.
Update your OAuth2 client configurations
You may need to change your OAuth2 client configuration, for example to change the scope of its permissions. To do this, go to the credentials setup in the service the client is for and update the configuration there.
You don't need to reconfigure and redeploy your agents to reflect these changes. The Work Room user may get a new prompt to approve the new permissions, but that's all.