Configurations · ESP RainMaker Customer Docs

Configuring RainMaker Platform

Configuring the E-mail template for Verification messages

When the users sign-up, the Rainmaker platform sends them an Email which consist of a verification code. The users are expected to use this verification code to confirm their accounts, when they login using the Mobile Apps.

You can customise this Email template, from the Rainmaker Dashboard. You will need to have admin privileges for customising this E-mail message template,

Here are the steps to configure the E-mail template.

Click on deployment Settings

Click on the Email Configurations tab.

configure2

Keep the template type same - "Welcome Email Notification"

You can change the Subject of the Email.

You can change the Template, as per your requirement, this template can be simple text or it can be a valid HTML.

Please note that you will need to have the string - {####} in the template. This is a placeholder string, which is filled by the AWS service with the Verification code.

After your changes are done, click on "Set Email Template Button".

So when a new user is created, the Verification Email will have this Email template.

configure3

Configuring Cognito Domain

Cognito Domain is required for implementing sign-in using third party Identity providers (eg., Google, Apple) and for linking your Alexa, Google Voice Assistants account with your RainMaker account.

The Cognito Domain is used to form the URL of sign-in and sign-up webpages, that are used for third party identity providers and voice Assistant integrations.

To configure the Cognito domain name,

Login to RainMaker dashboard with super-admin credentials.
Go to Deployment Settings tab
Go to Cognito Configurations tab.
Enter the value for the custom domain name as shown below:

customdomain

Note: Custom Domain names can only contain lower-case letters, numbers, and hyphens.

Configuring Cognito Callback URL

The callback URLs are needed while using the third party authenticating services and linking your account in Alexa/Google Voice Assistants with your account in RainMaker. After successful sign-in users are redireted to one of the URLs specified in callback URLs.

Steps to configure the Callback URLs are given below:

Login to RainMaker dashboard with super-admin credentials.
Go to Deployment Settings tab.
Go to Cognito Configurations tab.
Enter your callback URLs as shown below. Multiple callback URLs can be specified by entering a comma after each URL.

appclient

Configuring third party identity providers integrations

Users can sign in using third party identity providers. You can create developer account with third party identitiy providers and register your app. You will need the app credentials, received while registering the app to configure third party Identity providers. Supported Identity Providers are Google and SignInWithApple.

The custom domain name configured in step configuring custom domain name , will be used while registering app with Third party Identity Providers.

Configuring Google Identity Provider:

The detailed steps for Google sign-in integration can be found here - Google sign in integration

Configuring SignInWithApple Identity Provider:

The detailed steps for Apple sign-in integration can be found here - Apple sign in integration

Configuring Custom Cognito Domain ( Optional )

1. Create ACM certificate

AWS Certificate Manager (ACM) handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications. You can provide certificates for your integrated AWS services either by issuing them directly with ACM or by importing third-party certificates into the ACM management system.

Sign in to the AWS console & search for AWS Certificate Manager service.
Click on Request Certificate.
Select request a public certificate option & Click Next.
Enter Fully qualified domain name & Click Request

ACM_certificate

It will take 1-2 days to validate from AWS to validate.

2. Creating a custom domain and adding it to the user pool

Here, you need to enter a custom domain name & select ACM certificate from the drop down arrow that we created in then previous step.

Sign in to the Amazon Cognito console.
Click User pools.
Choose the rainmaker-user-email-mobile-pool to which you want to add your domain.
Click on the App integration tab.

create_custom_domain_1

Next to Domain, choose Actions, then choose Create custom domain.
For Custom domain, enter the URL of the domain you want to use with Amazon Cognito. Your domain name can include only lowercase letters, numbers, and hyphens. Do not use a hyphen for the first or last character. Use periods to separate subdomain names.
For ACM certificate, choose the SSL certificate that you want to use for your domain. Only ACM certificates in US East (N. Virginia) are eligible to use an Amazon Cognito custom domain, regardless of the AWS region of your user pool.
Click on Create.

create_custom_domain_2

Amazon Cognito returns you to the App integration tab. A message titled Create an alias record in your domain's DNS is displayed. Note down the Domain and Alias target displayed in the console. They will be used in the next step to direct traffic to your custom domain.

3. Add an alias target and subdomain

In this step, you set up an alias through your Domain Name Server (DNS) service provider that points back to the alias target from the previous step.

A) To add an alias target and subdomain to your current DNS configuration

If you aren't using Route 53 for DNS address resolution, then you must use your DNS service provider's configuration tools to add the alias target from the previous step to your domain's DNS record. Your DNS provider will also need to set up the subdomain for your custom domain.

B) To add an alias target and subdomain using Route 53

If you aren't using Route 53 for DNS address resolution, then you must use your DNS service provider's configuration tools to add the alias target from the previous step to your domain's DNS record. Your DNS provider will also need to set up the subdomain for your custom domain.

Sign in to the Route 53 console.
If you don't have a hosted zone in Route 53, you must create one using the following steps. Otherwise, continue to step 3.
a) Choose Create Hosted Zone.
b) Enter the parent domain
e.g. auth.example.com, of your custom domain,
e.g. myapp.auth.example.com, from the Domain Name list.
c) {Optional} For Comment, enter a comment about the hosted zone.
d) Choose a hosted zone Type of Public hosted zone to allow public clients to resolve your custom domain. Choosing Private hosted zone is not supported.
e) Apply Tags as desired.
f) Choose Create hosted zone.
On the Hosted Zones page, choose the name of your hosted zone.
Choose Create record. Add a DNS record for the parent domain and choose Create records.
The following is an example record for the domain auth.example.com.
auth.example.com. 60 IN A 198.51.100.1

Amazon Cognito verifies that there is a DNS record for the parent domain of your custom domain to protect against accidental hijacking of production domains. If you do not have a DNS record for the parent domain, Amazon Cognito will return an error when you attempt to set the custom domain.

Choose Create record again.
Enter a Record name that matches your custom domain, for example, myapp to create a record for myapp.auth.example.com.
Enter the alias target name that you previously noted into Alias Target.
Enable the Alias option.
Choose to Route traffic to an Alias to Cloudfront distribution. Enter the Alias target provided by Amazon Cognito when you created your custom domain.
Choose Create Records.

Your new records can take around 60 seconds to propagate to all Route 53 DNS servers. You can use the Route 53 GetChange API method to verify that your changes have propagated.

4. Verify your sign-in page

Verify that the sign-in page is available on your custom domain. Sign in with your custom domain and subdomain by entering this address into your browser. This is an example URL of a custom domain example.com with the subdomain auth:

https://myapp.auth.example.com/login?response_type=code&client_id=<your_app_client_id>&redirect_uri=<your_callback_url>

Reference link: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html

Configuring MFA ( Optional )

Admin users can setup Multi-factor authentication (MFA) for higher security. This will send a verification code to the admin's phone number at each login. Increase the SNS sending limit if not done already before going further.

Log in to Rainmaker Dashboard with your admin account. Go to deployment settings, then go to the MFA Configurations tab.
To add or update phone number on which you wish to receive the verification code, enter the number along with the country code. Click on Update.

Note - You may skip step 2 and 3 if you have already added the phone number.
Verify the phone number by entering the verification code sent to the updated phone number.
Your phone number is now updated. You can enable MFA using the toggle.

Note - You can also disable MFA any time using the same toggle.
MFA settings updated successfully.

Note - The settings will reflect from the next login onwards. If enabled, an MFA prompt will appear after the initial password authentication:

Configuring the DNS names ( Optional )

When the Rainmaker backend and the frontend stacks are deployed successfully, you can access the API end points and the Dashboard using the URLs generated, after deploying the Rainmaker stacks.

Alternatively, you can configure to use the domain names which are specific to your organisation, by configuring the Route 53 service.

Creating a hosted Zone in Route53

The first step is to create a hosted zone which will be associated with your domain registrar.

The detailed steps for creating a hasted zone are in the below link

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/CreatingHostedZone.html

Mapping the hosted zone to the DNS registrar

You might be using the services from some other service provider ( e.g. GoDaddy) for Domain name mapping for your organisation.

In this case, you will need to map the hosted zone created in Route 53 to the DNS provider which your organisation is currently using.

The detailed steps for this configuration are mentioned below

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/migrate-dns-domain-in-use.html

If you are using GoDaddy as your DNS provider you can refer to the below link

https://dzone.com/articles/how-to-migrate-dns-from-godaddy-to-aws-route53

Mapping the API Gateway endpoint with the DNS name

Once the mapping between the hosted zone and your current DNS provider is done, you will need to configure the API Gateway endpoint to Route53 hosted zone. Follow Get Base Url steps to fetch the API Gateway endpoint.

The details about mapping the API Gateway endpoint with the DNS name are in the below link -

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-api-gateway.html

Please note, we will need to choose the API endpoint type as "Edge".

After the configuration is done, the API Gateway, Custom Domain names configuration will look as below -

dns1

The Route 53 configuration for API Gateway will look as below

dns2

dns3

Configuring the Domain name mapping for the Rainmaker Dashboard

When the Rainmaker frontend SAR stack is deployed, the required UI components are deployed and a CloudFront distribution is created.

This sets up the Content Delivery Network for Caching the UI and provides SSL connectivity for the UI dashboard.

You can create your organisation specific domain name for this, so that the Admin users will be able to access the Dashboard using the domain name.

To check your CloudFront distribution, search for the CloudFront service from the AWS console

dns4

dns5

The steps to configure the Route53 DNS mapping for CloudFront distribution are in the below link

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html

After the CloudFront distribution is configured with the DNS mapping the CloudFront screen will look as below -

dns7

The Route53 screen for creating CloudFront distribution will look as below -

dns8

Configuring the Location-based Triggers for Weather API Configurations

Create Open-Weather Account:

Begin the process by signing up for an account at https://home.openweathermap.org/users/sign_up.
After signing up, check your email for a verification message and follow the instructions to confirm your email address.
Once your email is verified, you will receive an email containing the API Key, which will become active within the next couple of hours.

Steps for configurating Weather based automation in RainMaker

In Postman, login to Rainmaker using super-admin credentials.

weather-API_1

Access and configure the deployment settings for location triggers by clicking on the following Swagger link: https://swaggerapis.rainmaker.espressif.com/?urls.primaryName=RainMaker%20Superadmin%20APIs#/Deployment%20Setting/cofigureServiceConfiguration

Under the Request body, click on drop down menu & select the location trigger Configurations to see the sample JSON request

weather-API_2

In Postman, create new API request PUT - {{url}}/v1/admin/deployment_settings/config/location_trigger (Follow Get Base Url steps to fetch the {{url}})

Params -

Key Value

service location_trigger

Header -

Key Value

Authorization {{access_key}}

Body -

select raw, click on down down menu & select json
Add below JSON in the body & click on send

Key	Value
service	location_trigger

Key	Value
Authorization	{{access_key}}

{
   "weather_trigger_api_key": "<add_your_key>", 

   "weather_trigger_polling_interval": 30, 

   "weather_trigger_host_url": "https://api.openweathermap.org/data/2.5/weather?units=metric" 

}

Refer below screenshot

weather-API_3

Using Triggers

To get sample request, visit link: https://swaggerapis.rainmaker.espressif.com/#/Automation%20Trigger%20and%20Actions/addAutomationTriggerAction
Under the Request Body, click on drop down menu & select the Add Weather-based Automation trigger
Create new postman API request POST - {{url}}/v1/user/node_automation

Header -

Key Value

Authorization {{access_key}}

Body - Change the node_id value according to the node on which you want to apply automation trigger.

Key	Value
Authorization	{{access_key}}

Using Daylight-based Automation triggers

To get sample request, visit link: https://swaggerapis.rainmaker.espressif.com/#/Automation%20Trigger%20and%20Actions/addAutomationTriggerAction Under the Request Body, click on drop down menu & select the Add Weather-based Automation trigger

weather-API_5

Create new postman api request POST - {{url}}/v1/user/node_automation Header –

Key Value

Authorization {{access_key}}

Body -

Change the node_id value according to the node on which you want to apply automation trigger.