In part 2 of this article, I demonstrated how to create Admin IVR to be able to enable/disable emergency messages using the phone menu.
Right now our Admin IVR has no protection so anyone can dial it and fiddle with emergency messages.
There are multiple options on how to add security to our IVR menu such as:
1) Option 1 - easiest option would be to add a numeric password that will be hardcoded directly in Admin IVR. You ask users to enter the password first and if it is correct proceed with normal Admin IVR behavior.
This option is OK if you have a small number of users (ideally 1 user only).
2) Option 2 - create a user table that contains an individual numeric password for each user.
Optionally you can add phone numbers to user table and limit access for each user only if they dialed from a specific phone number (for example corporate cell phone number).
3) Option 3 - use VoiceID to add authentication by voice.
In this article, I would like to show how to use DynamoDB table to add authentication to Admin IVR - option 2.
Step 1.
I created DynamoDB table EmergencyMessagesAdmin with the following attributes:- PIN - unique PIN code assigned to each user
- FirstName
- LastName
Step 2.
Next step we will need a new Lambda function checkEmergencyMessagesAdmin to verify if the PIN code matches.
What it does:
- takes PIN codes as input and verifies if there such PIN code in EmergencyMessagesAdmin
- if yes returns Valid = 1
Step 3.
Now let's update the existing flow EmergencyMessagesAdmin.
Right at the beginning of the flow, we will ask user to enter PIN-code and then use our lambda function checkEmergencyMessagesAdmin to verify if it is a valid user.
If it is a valid user -> we will offer a standard IVR Admin menu.
No comments:
Post a Comment