Help

No results found

Secure Services Widget

Airgentic Help

Adding the Secure Widget to Your Site

Once Airgentic has configured your secure service, you can add the widget to your website or intranet. The embed code is almost identical to a standard (non-secure) widget, with two extra attributes that enable authentication.

Embed code

Add the following <script> tag to any page where you want the Airgentic widget to appear:

<script
  id="airgentic-script"
  src="https://chat.airgentic.com/airgentic-1.4.js"
  data-account-id="your_account_id"
  data-service-id="your_service_id"
  data-auth-mode="oidc"
  data-auth-redirect-uri="https://intranet.yourorg.gov.au/callback"
></script>

Airgentic will provide your data-account-id and data-service-id values.

Authentication attributes

Attribute Description
data-auth-mode="oidc" Tells the widget to require sign-in via your identity provider. If omitted, the widget runs in open (unauthenticated) mode and a secure service will reject all requests.
data-auth-redirect-uri The URL your identity provider redirects users to after sign-in. This must exactly match one of the redirect URIs you registered in your identity provider and provided to Airgentic.

The callback page

The data-auth-redirect-uri (e.g. https://intranet.yourorg.gov.au/callback) is the page your identity provider sends users back to after they sign in. This can be:

  • The same page that embeds the widget (e.g. your intranet homepage) — simplest and recommended option.
  • A dedicated callback page — the user will remain on this page after authentication completes, with the widget ready to use.

Either way, the page at the callback URL must include the same Airgentic script tag. The widget detects the authentication callback automatically, completes the sign-in, and removes the temporary parameters from the address bar.

Note: The widget does not automatically redirect users back to a different page after authentication. Users remain on the callback page. For the best experience, use your main widget page as the callback URL so users are already where they want to be after signing in.

No custom server-side code is required on your end — the widget handles the entire callback process in the browser.

What happens when a user visits the page

  1. The widget loads and checks for an existing session.
  2. If the user is not signed in, the widget redirects them to your organisation's sign-in page (e.g. Microsoft).
  3. The user signs in with their normal organisational credentials.
  4. Your identity provider redirects them back to the callback URL.
  5. The widget completes authentication and the chat and search are ready to use.

If the session expires, the user is prompted to sign in again.

For a more detailed explanation of this flow, see How Secure Authentication Works.

Testing

After adding the embed code:

  1. Open the page in a browser where you are not already signed in to your identity provider.
  2. The widget should redirect you to your organisation's sign-in page.
  3. Sign in with an account that meets your authorisation rules (e.g. an email at your domain).
  4. After sign-in, you should be redirected back to your page with the widget ready to use.
  5. Try sending a message to confirm the widget responds.

If you see an error or the widget doesn't load, check that:

  • The data-auth-redirect-uri exactly matches the redirect URI registered in your identity provider.
  • The page at the redirect URI includes the Airgentic script tag.
  • Your account meets the authorisation rules configured for the service.

If you need help, contact Airgentic support — see Contacting Airgentic.

← Back to Secure Services overview

You have unsaved changes