Aksita.ai Tutorials
Actions

Login Actions

Collect and store user information for personalized experience

What is Login Action?

Login Action is a special action type used to collect and store user information into Persistent Context. This allows your agent to "remember" who the user is and provide personalized and contextual experience.

Example Use Cases:
  • • Login with username & password
  • • Verify phone number with OTP
  • • Authenticate with email & token
  • • Login with customer ID
User Identification

Verify user identity through external API

Store Context

Store user information in Persistent Context

Private Actions

Unlock access to other Private Actions

Prerequisites

Persistent Context Enabled

Login Action can only be created if Persistent Context is enabled in Agent Settings.

Login/Verify API

You need an API endpoint to verify user credentials and return user data.

How to Create Login Action

1

Open Resources Page

Go to your agent page and click the "Resources" tab in the top navigation.

Agent Page

Resources tab on agent page

2

Click Create Action

In the Actions section, click the "Create Action" button.

3

Select "Login" Type

From the action type options, select "Login".

4

Fill Action Configuration

Action Name

Give it a descriptive name like "Login with Email" or "Verify OTP".

Login with Email & Password
Description

Explain in detail what this action does. This helps the LLM decide when to execute the action.

Verify user identity with email and password. If successful, store user ID, name, email, and token for use in subsequent actions.
API Configuration
POST
https://api.example.com/auth/login
Content-Type: application/json
{
  "email": "<email>",
  "password": "<password>"
}
Parameters to Collect

Define what parameters need to be collected from the user:

email - User email
password - User password
5

Map Response to Context

The most important part of Login Action is mapping the API response to Persistent Context. Here you define which fields will be stored.

Example API Response: { "success": true, "data": { "user_id": "12345", "name": "John Doe", "email": "john@example.com", "phone": "+6281234567890", "token": "eyJhbGc..." } }
Context Mapping:
data.user_id user_id
data.name name
data.email email
data.phone phone
data.token token
6

Set Success Condition

Define the condition that indicates successful login. This helps the agent know whether to retry or not.

response.success == true
status_code == 200
7

Save and Test

Click "Save" to save the Login Action. Now try testing it in the chat interface!

Login Action is ready to use!

How Does Login Action Work?

1
User Starts Conversation

User talks to the agent. Agent detects that there is a Private Action requiring login.

2
Agent Requests Login

Agent will ask the user to provide credentials (email, password, or other required information).

3
Verify via API

Agent sends credentials to your login API for verification.

4
Store Context

If successful, the system stores user data from API response into Persistent Context.

5
Context Available

Now all Private Actions can access this context. User doesn't need to login again until session expires.

Recommended Context Fields

Here are commonly used context fields. You can customize according to your needs:

user_id

Unique user ID in your system

name

User full name

email

User email

phone

User phone number

token

Authentication token for API calls

company_id

User company ID (B2B)

Tip:

Store fields that are frequently used in Private Actions. For example, if Private Actions need user_id and token, make sure both fields are stored by the Login Action.

Security & Session

Secure Storage

Context data is stored securely in database and can only be accessed by the agent and the user who owns the session.

Session Management Modes

System supports two session management modes that can be tailored to your needs:

Fully Persistent (Default)

Sessions never expire, active until user logs out manually

Time-Based Expiration

Token expires after set time, can auto-refresh before expiration

  • Store refresh_token and expired_at
  • Create Private Action for refresh
  • Agent auto-refreshes before expiration
Don't Store Passwords

Never store user passwords in Persistent Context. Store only data needed for identification and authorization (such as user ID and token).

Best Practices

Clear Description

Provide detailed description of what credentials are needed and what they're for.

Backend Validation

Always validate credentials in your backend API, don't trust user input.

Use Tokens

Store authentication token in context for use in Private Actions.

Handle Failures Gracefully

Set clear failure conditions so agent can provide appropriate feedback.

Store Essential Fields Only

Store only data that is truly needed for Private Actions.

User-Friendly Feedback

Ensure API response provides clear error messages for users.

Troubleshooting

Login Action doesn't appear

Solution:

  • Ensure Persistent Context is enabled in Agent Settings
  • Refresh the page and try again
Context not saved after login

Solution:

  • Check response mapping to context fields
  • Ensure API response path is correct (e.g., data.user_id not user_id)
  • Check success condition, ensure it matches API response
Agent doesn't request login

Solution:

  • Ensure there are Private Actions requiring login
  • Provide clear description in Login Action about required credentials
  • Test by trying to trigger a Private Action
Session expires too quickly

Explanation:

Session is extended each time the user interacts. Default expiry is 24 hours of inactivity. This is normal behavior for security.

Next Steps

HTTP Actions

Learn how to create Private Actions that use context

Agent Settings

Configure Persistent Context and other settings