Once you've registered as an RBM partner, you have a partner account. To access your partner account settings, open the Business Communications Developer Console and click Partner account settings. From here, you can do the following:
- Update your partner account information
- Add, edit, and remove the brands linked to your account
- Manage account users
- Create a service account and key to authenticate API calls
Update partner account information
From the Settings page, you can view your partner ID and update the following information:
Field | Description |
---|---|
Partner name | Name of your partner account |
Display name | Name will appear in the
RBM billing reports that carriers receive (as the owner_name
field). Carriers will use this to identify you as a trusted partner and to
ensure they generate the correct invoicing information for your use of RBM
to reach their subscribers. The name you provide here should align with the
name used in your carrier messaging contracts. |
Technical point of contact | The person Google will contact if there are any technical issues with your agents. You can update their
|
Webhook | This is your webhook endpoint URL. Click Configure to update it. When you configure your partner webhook, it applies to all of your agents. If you want to use a different webhook for an individual agent, you can configure an agent webhook that will only apply to that agent. |
Manage brands
As an RBM partner, you can create agents on behalf of brands.
Use the Brands page in the Account settings to add, edit, and remove the brands associated with your partner account.
Add a brand
To add a brand, enter its name in the input field and click Add.
Edit a brand
To edit a brand:
- Click the checkbox next to the brand's name.
- Click the button, and click Edit name.
- Make your edits, and click Done.
Remove a brand
A brand can't be removed if it's associated with an agent, even if the agent is not launched.
To remove a brand, click the checkbox next to the brand's name, and click Delete.
Manage users
The Users page in the Account settings is where you manage the users of your partner account. The user who created the partner account has the role of Owner. New users can have the role of Manager or Reader.
- Managers can access all the capabilities of the Developer Console, to manage any and all agents belonging to the partner account.
- Readers have read-only access to the Developer Console, to view any and all agents belonging to the partner account.
Add a user
To add a user, enter their email address in the input field and select their Role.
When you add a new user, they receive an email notifying them that they have access to the partner account.
Remove a user
To remove a user:
- Find the user you want to remove, and click the button in their table row.
- Select Remove user.
- Confirm the removal.
The user you removed receives an email notifying them that they no longer have access to the partner account.
You can't remove a user with an Owner role. To change or remove the Owner, you need to reach out to support.
Change a user's role
To update a user's role:
- Find the user you want to update, and click the button in their table row.
- Select Edit role.
- Choose a new role from the drop-down.
- Click Save.
Set up service account to authenticate API calls
When you make calls to the RBM API, you authenticate calls with a service account key. This key lets you create and manage brands and agents, and to send messages and requests as an agent. A service account can have up to 10 keys.
To securely authenticate API calls, you also need the oauth2l command line tool.
Follow these steps to generate a service account key:
- In the Account settings, navigate to the Service account page.
- Click Create key, then click Create. Your browser downloads the service account key.
Store your service account key in a secure, private location. Don't share your key publicly. You'll need this key later to access the RBM APIs.
Configure your partner webhook
A webhook is a partner-created HTTPS callback that specifies how your agent should respond to messages and events. Once you configure your webhook, you can start receiving messages and events.
If you want to use a different webhook for any of your agents, you can set up an agent-level webhook that will override the partner webhook. For more information, see Configure an agent webhook.
To configure your partner webhook, follow these steps:
Open the Business Communications Developer Console and sign in with your RBM partner Google Account.
Open the Account settings.
For RCS Business Messaging webhook URL, click Configure.
For Webhook endpoint URL, enter your webhook URL beginning with "https://".
Note your
clientToken
value. You need it to verify that messages you receive are coming from Google.Configure your webhook to accept a
POST
request with the specifiedclientToken
parameter and send a200 OK
response with the plain text value of thesecret
parameter as the response body.For example, if your webhook receives a
POST
request with the following body content{ "clientToken":"SJENCPGJESMGUFPY", "secret":"1234567890" }
then your webhook should confirm the
clientToken
value and, ifclientToken
is correct, return a200 OK
response with1234567890
as the response body:// clientToken from Configure const myClientToken = "SJENCPGJESMGUFPY"; // Example endpoint app.post("/rbm-webhook", (req, res) => { const msg = req.body; if (msg.clientToken === myClientToken) { res.status(200).send(msg.secret); return; } res.send(400); });
In the Developer Console, click Verify. When RBM verifies your webhook, the dialog closes.
For handling webhook delivery failures and ensuring reliable message processing, see Message handling.
Verify incoming messages
Because webhooks can receive messages from any senders, you should verify that Google sent incoming messages before processing message content.
To verify that Google sent a message you received, follow these steps:
- Extract the message's
X-Goog-Signature
header. This is a hashed, base64-encoded copy of the message body payload. - Base-64-decode the RBM payload in the
message.body
element of the request. - Using your webhook's client token (which you specified when you set up your webhook) as a key, create a SHA512 HMAC of the bytes of the base-64 decoded message payload and base64-encode the result.
- Compare the
X-Goog-Signature
hash with the hash you created.- If the hashes match, you've confirmed that Google sent the message.
If the hashes don't match, check your hashing process on a known-good message.
If your hashing process is working correctly and you receive a message that you believe was fraudulently sent to you, contact us.
Node.js
if ((requestBody.hasOwnProperty('message')) && (requestBody.message.hasOwnProperty('data'))) { // Validate the received hash to ensure the message came from Google RBM let userEventString = Buffer.from(requestBody.message.data, 'base64'); let hmac = crypto.createHmac('sha512', CLIENT_TOKEN); let data = hmac.update(userEventString); let genHash = data.digest('base64'); let headerHash = req.header('X-Goog-Signature'); if (headerHash === genHash) { let userEvent = JSON.parse(userEventString); console.log('userEventString: ' + userEventString); handleMessage(userEvent); } else { console.log('hash mismatch - ignoring message'); } } res.sendStatus(200);
Next steps
Now that your partner account is set up, it's time to build your first agent.