Sometimes, your APIs might have some endpoints that require authentication. For example, you might want to restrict access to certain endpoints to only users that are logged in, and in order for the copilot to know who is logged in, you need to send some sort of token with your copilot requests.

Currently, we support simple JWT authentication, and API tokens.

Dynamic Authentication via the widget

When you embed the copilot in your app, you can pass the authentication token to the copilot by using the headers prop.

    initAiCoPilot({
        ...
        headers: {
            Authorization: "Bearer your_auth_token_goes_here",
            AnyToken: "AnyValue"
        },
        ...
    });

as you see, as long as you pass the token in the headers prop, the copilot will send it with every request it makes to your API.

Authentication via the backend (from the dashboard)

This option is useful if you want to use the copilot in a public website, and you don’t want to expose your authentication token to the public, or if you want to use the copilot in a mobile app, and you don’t want to hardcode the authentication token in the app. It’s also very useful for testing purposes.

In order to use this option, you need to go to the dashboard, and navigate to the “Copilot Settings” tab, and then scroll down to the “Global variables/headers” section.

IntroductionIntroduction to flows