Using restricted Help Center content with the Web Widget

Have more questions? Submit a request

34 Comments

  • Javier Abadía
    Comment actions Permalink

    We show help center content in the web widget, but the images are not shown if the user is not logged in the zendesk site (we have SSO configured).

    If end-user clicks on "view original article" then SSO happens, the user is logged in and from that moment on, all images part of help content are correctly displayed.

    What is the correct way to SSO authenticate the user with help center so that images are correctly displayed IN the widget?

    Thanks!

    3
  • Krassmann, Konstantin - COREDINATE DE-UFF
    Comment actions Permalink

    I want the widget to be loaded on demand, not just everytime the user enters the page. 

    There are two cents: 
    - Trying to load the script with $.getScript (for example) throws

    Error: Key is missing from snippet
    at new e (asset_composer.fb4a55c4f794453a91d7.js:1)
    at asset_composer.fb4a55c4f794453a91d7.js:1
    at f (asset_composer.fb4a55c4f794453a91d7.js:1)

    Solution: Dont forget to set the ID of the inserted script Tag ("ze-snippet")

    var s,
    r,
    t;
    r = false;
    s = document.createElement('script');
    s.id="ze-snippet";
    var head = document.getElementsByTagName("head")[0];
    head.appendChild(s);
    s.type = 'text/javascript';
    s.src = <your url with key>;




    1
  • Devan - Community Manager
    Comment actions Permalink

    Hello Mathew,

    This is something that isn't within the capabilities of the base program. I've gone ahead and linked an article below that going into further detail on renaming you subdomain in case you have any other question on the topic.  

    Renaming Your Subdomain 

    0
  • 黄明就
    Comment actions Permalink

    server: 

    var payload = {
    iat: new Date().getTime(),
    jti: uuid.v4(),
    name: username,
    email: username + '@xxxx.com'
    }
    var token = jwt.sign(payload, config.zendesk_end_user_login_share_key)

    browser:

    window.zESettings = {
    webWidget: {
    authenticate: { jwt: getCookie('zendesk_jwt') },
    offset: { horizontal: '0px', vertical: '0px' },
    contactOptions: {
    enabled: true,
    contactButton: {'zh': '聯繫我們'}
    }
    }
    }

    browser result:

    Invalid message(s): * Could not be verified

     

    why?

    About this jwt, i can login about this https://support.zendesk.com/hc/en-us/articles/203663816-Setting-up-single-sign-on-with-JWT-JSON-Web-Token-

    0
  • Garrick Rohm
    Comment actions Permalink

    Hi 黄明就,

    My name is Garrick - I'm a member of our Tier 3 Support Architect team and I'm here to help! Since this appears to be an issue with your specific implementation, I'm going to reach out to you via a Ticket for us to troubleshoot the issue. I'll be in touch shortly.

    0
  • Daan V
    Comment actions Permalink

    What are the values of the customer username and customer email used for?

    0
  • Javier Abadía
    Comment actions Permalink

    just did... thanks!

    0
  • Edgar Cruzado
    Comment actions Permalink

    Hi Erica, I am working on the same functionality as Michael, what was the final answer?

    0
  • Erica Wass
    Comment actions Permalink

    @Edgar, please contact support@zendesk.com and our advocacy team should be able to assist you. Thanks!

    0
  • Diogo Maciel
    Comment actions Permalink

    Hi Javier!

     

    Please send an email to support@zendesk.com with more details about your scenario, as we will need to investigate your account to understand better the desired outcome. Thank you!

    0
  • Eric Nelson
    Comment actions Permalink

    Hey Atif, 

    I'm going to move this into a ticket for you since we have to go through some account specific info with you to troubleshoot. I'll see you in the ticket shortly! 

    0
  • Debbie Guskin
    Comment actions Permalink

    We have "anybody can submit tickets" disabled in our Support->Customers settings, which means people need to login in order to submit a ticket. Can we use this Shared Secret + JWT option to allow ticket submission from the Web Widget? We had to disable this feature in our widget because it did not work with our closed Zendesk.

    0
  • Vahid Kowsari
    Comment actions Permalink

    We seem to have the same problem as 黄明就. I always get could not be verified. Can this token be the same JWT token as we generate for the Guide authentication?

    0
  • Hoff Ho
    Comment actions Permalink

    I have the following piece of code which works perfectly in Chrome but not IE 11:

    <script type="text/javaScript">window.zESettings = {webWidget: {authenticate: {jwt: <?php echo json_encode($wsstoken); ?>}, helpCenter: {suppress: false, filter: {category: '200322819-Practice'}}}};</script>

    I have a valid $wsstoken, and the category '200322819-Practice' has restricted access hence the JWT required. The behaviour in IE as if the JWT authentication does not work. FYI I have also tested the filter of a category which does not have restricted access and that worked as expected.

    Do you have any suggestion on how to get this to work in IE 11?

    0
  • Vahid Kowsari
    Comment actions Permalink

    Hi Alexander,

    So we do generate a different token each time for SSO and for the guide, what I meant was that it is the same algorithm and the same parameters. We are using the same algorithm and get Could not be verified. Is there anyway to debug this?

    0
  • Devan - Community Manager
    Comment actions Permalink

    Hello Daan,

    Yes is it used for authentication and will be what ties them to any tickets created for them or by them. 

    0
  • Erica Wass
    Comment actions Permalink

    Michael: I see you have a ticket for this so I'll reach out there for some additional details on what you are seeing. 

    0
  • Raviraj Patel
    Comment actions Permalink

    Hi there,
    I have followed all the steps as mentioned in the article but facing an error for the Authentication. How to validate JWT token as there's not a sample for .Net in case I am missing anything.

     

    Thanks,

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hi Debbie,

    I reached out to our team internally and it looks like authenticated ticket submission is not yet supported but it's on the roadmap. That being said, it may be possible to still set this up, however, unauthenticated users would still see the contact form within the widget. They just wouldn't be able to actually submit the ticket unless they were authenticated.

    Hope this information helps!

    0
  • Devan - Community Manager
    Comment actions Permalink

    Hello Daan,

    The user name is generally the email of the customer. Let us know if there is anything else we can clarify for you.

    Best regards!

    0
  • Bryan Flynn
    Comment actions Permalink

    One thing Raviraj Patel to check is make sure the generated JWT is valid. You can paste it into  https://jwt.io/ and see if it's valid. Otherwise, providing more specific errors from the your browser's network tab and console might be a good next step.

    0
  • Atif Ehsan
    Comment actions Permalink

    Hi - any help regarding above comment? Thanks!

    0
  • Jessie Schutz
    Comment actions Permalink

    Hi Javier! Welcome to the Community!

    I'm going to check on this for you, because I'm not totally sure of the answer. Stand by!

    0
  • Zach Boone
    Comment actions Permalink

    Hello,

    I am trying to configure a web widget for a restricted help center.  Ideally I need to be able to test the web widget while running my application from localhost.  I added localhost to this list of whitelisted domains, but while running the application from localhost I only see the contact form and not the articles from the help center.  However, when running the application from our dev url that is also whitelisted I get the articles to appear.  Any help would be appreciated.

    0
  • Sean O'Hara
    Comment actions Permalink

    This is amazing! Extremely helpful!!!

    0
  • Vahid Kowsari
    Comment actions Permalink

    Actually I realized that the shared secret was different between the SSO token and the web widget token. You must use the appropriate shared secret for each.

    0
  • Ross Tollefson
    Comment actions Permalink

    There's something in here that may be confusing people.

    The shared secret generated at Settings -> Widget -> Security Settings -> Configure looks like a hexadecimal number but it isn't. It's just a regular string that should be parsed into bytes as UTF-8 before being passed to the SHA256 algorithm.

    The fact that it only uses hexadecimal characters makes it look like it should be parsed as a hexadecimal number. I spent a day doing that and getting the "* Could not be verified" 400 error before figuring out what the issue was. The documentation above really should clarify this.

    0
  • Michael Thomas
    Comment actions Permalink

    Hello,

     I have this implemented nicely on our companies platform however I seem to have an issue. I am working on re-authenticating a user on our platform while they stay logged in but your widget seems to not support this? The advice for removing the restricted article access authentication is to call zE.logout() but there is not the relevent zE.login() function to enable access. I am wondering if it is intended to only reset the window.zESettings with a new JWT token to reauthenticate? Note that this is only for a repeat authentication and not the initial one while also not logging out of our platform.

    Thank you.

    0
  • Daan V
    Comment actions Permalink

    Thanks Devan, but is that used for anything, like authentication/matching to the users in Zendesk?

    0
  • Ramesh Doddi
    Comment actions Permalink

    Hello, Server side (Rails) eg.

    current_time = Time.now

    payload = {:name => current_user.name,:email => current_user.email,:iat => current_time.to_i,:external_id => current_user.id,:exp => (current_time + 1.minutes).to_i}
    jwt = JsonWebToken.encode(payload,token id,current_time)
     
    frontend (angular)  i added required code snippet shared in the documentation. eg
     
    window.zESettings = webWidget: authenticate: chat: jwtFn: (callback) ->
      fetch(xxxxxxxxxxxxxxxxx/gettoken.json?id='+ vm.employee.id).then (res) ->
         res.json().then (jwt) ->
             callback jwt
             return
            return
        return  
     
    But jwFn function never get executed to get token from my backend. could you please help if i miss anything??
     
    0

Please sign in to leave a comment.

Powered by Zendesk