Enable corporate anonymous users check

Guidelines for the activation and deactivation of corporate anonymous users check, both general steps and specific ones for the use case under development

Prerequirements

Request to Kernel and OB Operations Teams to provide a purpose for aura-bot client in Kernel that provides access to UserProfile API via client credentials flow. It should be something like aura-bot-search-customer-purpose.
Request to Kernel to update the aura-bot client in Kernel to include the new purpose in client credentials flow. For instance:

        {
            "name": "client_credentials",
            "scopes": [
                "whatsapp:app-admin",
                "whatsapp:app-messaging",
                "whatsapp:manage-templates"
            ],
            "purposes": [
                "auraid-admin",
                "aura-bot-search-customer-purpose"
            ]
        }

Activation

Set the following environment variable in aura-bot configmap or in the configuration file of the environment.

AURA_FP_CLIENT_CRED_PURPOSES: aura-bot-search-customer-purpose

Activate the validation in the corresponding channels. These channels must support anonymous users and the identifier coming from the channel must be a phonenumber, WhatsApp based channels, for instance. Add the following settings to your channel configuration:

    "security": {
        "anonymous": "identifiable",
        "anonymousSettings": {
            "checkPromptedNumber": false,
            "enableUserProfile": true
        }
    }

Further information regarding these settings is found in anonymousSettings and aura-configuration-api component.

Last modified November 11, 2025: feat: Clean up of Living Apps related stuff #AURA-30761 [RTM] (c97ca748)