¿How do I authenticate sending this whatsapp Template using an ACL?

[JaimeCasillasBluu]

How do I

I received this email from Vonage:

For the APIs requiring JWT for authentication, please ensure you are creating it correctly, following official guidelines per the Authentication guide, namely: Only use “sub” (as correct username) for JWT purposed to be used in the client application (Client SDK). Set Access Control List (ACL) respectively to API paths used by the application. If your application does not follow strictly the conventions described in the developer documentation, you may face service disruption on the 31st of August 2024.

I have been sending this template with this code, the Vonage support told me in the past i could send this like this way once, but now how do i use the acl? Im doing this because i can't obtain the private key of the ai studio app, because that will kill the bot

API/Product

Messages

Code Sample

const axios = require('axios'); require('dotenv').config();

const WHATSAPP_NUMBER = process.env.WHATSAPP_NUMBER; const WHATSAPP_TEMPLATE_NAMESPACE = process.env.WHATSAPP_TEMPLATE_NAMESPACE; const WHATSAPP_TEMPLATE_NAME = process.env.WHATSAPP_TEMPLATE_NAME; let JWT_TOKEN = ""; // Initialize the variable without a token

// Function to obtain the JWT token async function obtenerJWTToken() { try { const response = await axios.get('https://studio-api-eu.ai.vonage.com/agents/AGENT ID', { headers: { 'X-Vgai-Key': 'KEY VALUE' } }); JWT_TOKEN = response.data.token; // Update the JWT_TOKEN with the new value console.log("Token updated: ", JWT_TOKEN); } catch (error) { console.error("Error obtaining the JWT Token: ", error); } }

// Function to send a message to the specific number async function enviarMensaje(toNumber) { try { await obtenerJWTToken(); // Ensure the token is updated before sending the message const response = await axios.post('https://api.nexmo.com/v1/messages', { template: { name: ${WHATSAPP_TEMPLATE_NAMESPACE}:${WHATSAPP_TEMPLATE_NAME}, }, to: toNumber, from: WHATSAPP_NUMBER, channel: 'whatsapp', message_type: 'template', whatsapp: { policy: 'deterministic', locale: 'es-MX', }, }, { headers: { 'Authorization': Bearer ${JWT_TOKEN}, 'X-Vgai-Key': 'KEY VALUE' // API key of the bot application } });

console.log(`Message sent to ${toNumber}:`, response.data);

} catch (error) { console.error(Error sending message to ${toNumber}:, error); } }

// Send message to the specific number enviarMensaje('PHONE NUMBER'); // Call the function to send the message

[manchuck]

@JaimeCasillasBluu, I think you are confusing the Client SDK and the Server SDK. The Client SDK is for use in the browser. This is what the email you received was talking about. In the past, we saw that your account was missing those claims and we just wanted to inform you to update your code. The JWT token for the client SDK needs to have the sub and ACL. I can gather from the code you provided that you are trying to send a WhatsApp message from your own server using the application that AI Studio created. This will not work since you cannot get the credentials to send the message. AI Studio does not support this, so you will have to use it.

[JaimeCasillasBluu]

I can gather from the code you provided that you are trying to send a WhatsApp message from your own server using the application that AI Studio created.

Yes, that's exactly what we do, and the code I have above does work for us.

So the problem is in how we are generating the jwt token?

I know i can't get the private key from a Ai Studio Application, but in this case what can I do?

[ruskibenya]

Hey @JaimeCasillasBluu,

I'm bringing this to the AI Studio team to see what can be done. 🙏