Verified user access

Verified user access allows each end user to authenticate with their own credentials when a genie skill recipe runs. This ensures that the skill recipe performs actions using the identity and permissions of the individual user.

Your end users have the ability to manage their runtime user connection through the genie chat interface.

Parent connections

Parent connections act as templates that runtime user connections inherit. The system checks for an existing runtime connection linked to the parent when a user triggers a skill recipe. Users are prompted to authenticate if no runtime connections are found.

User connections link to the parent connection, environment, and user ID in Workato Identity when you use verified user access to create connections at runtime. The genie calls a skill that uses the parent connection when an end-user talks to a genie and triggers a recipe. The genie responds in one of the following ways:

Connection prompt: The chat interface prompts the user to click Connect if they've already created a runtime user connection. The skill recipe executes using this child connection. Create a runtime connection prompt: The chat interface prompts the user to create a runtime user connection if they haven't already created a runtime user connection. The skill recipe executes using this child connection.

Connect prompt in the chat interface

For example, when you run a genie skill recipe with an Salesforce connection that requires verified user access, it creates a child connection for the user. This new connection links to the genie skill recipe's default Salesforce connection as its parent.

graph LR X(("Skill recipe <br/> with verified user <br/> access and a Salesforce <br/> connection is triggered")) --> Y{{"Runtime user <br/> access prompts the <br/> user to authenticate <br/> with existing credentials <br/> or create credentials"}} A[/"Recipe default connection <br/> or <strong> Parent connection </strong>"/] A -.User connection <br/> automatically links to <br/> the Parent connection.- Z("A child connection <br/> is created for the user") Y --> Z classDef default fill:#67eadd,stroke:#b3e0e1,stroke-width:2px,color:#000; classDef WorkatoBlue fill:#5159f6,stroke:#5159f6,stroke-width:2px,color:#fff; class Y WorkatoBlue

Add verified user access to skill recipes

You can add verified user access to your genie skill recipes during the recipe building process.

VERIFIED USER ACCESS IS ONLY AVAILABLE FOR OAUTH 2.0 APPS

Only app connections that use OAuth 2.0 are available for user's connection.

Complete the following steps to add verified user access to a skill recipe:

1

Go to the skills recipe where you plan to add verified user access.

2

Click Select an app and action step in the recipe.

3

Search for and select the app you plan to use. A list of available actions for the app displays.

4

Select the action you plan to use.

5

Select the connection type you plan to use for the skill recipe.

• User's connection: Genie skill recipes perform actions based on the identity and permissions of the user who connects to the application. Users authenticate with their own credentials to execute the skill.
• Your connection: This option uses the connection established by the recipe builder and follows the same principles as normal app connections.

Select User's connection to enable verified user access

Refer to the Add skills section of the Agent Studio documentation for more information.