Recent searches


No recent searches

Authenticating end users for messaging



image avatar

Aimee Spanier

Zendesk Documentation Team

Edited Dec 23, 2024


3

158

158 comments

image avatar

Mick O'Donnell

Zendesk Product Manager

Hi all,

I can confirm that we're currently to delivery for this update of displayed verified email address in Agent Workspace once the end user is authenticated by the end of this month (January).

8


Hello Zendesk,

Just wondering if you have an ETA on the current limitation on Email addresses in Agent Workspace

This limitation has been around since 2022 must is a much required feature in agent workspace, without it, it is not a viable end user solution.

2


Hi, is this valid for Sunshine Conversation as well? If I send the external_id on the SunCo JWT the user is not recognized on Zendesk

2


Hi!

we authenticate our users through SSO, does we still need implement JWT here?

I thought as user is login and have access to Ticket History and more, starting a Messaging chat, is auto detect them, easy and smooth, seems not, will this address to be more easy in future?

Does Zendesk Authentication do it different compare to SSO? (Auto Detect Organization, Name) when opening Messaging or also JWT is required here?

Thanks.

 

 

0


Hi Mick,

Are we still on track to fix the email missing from authenticated users this month? 

Looking forward to that feature!

3


Hi Mick,

Any updates on this email issue / date of delivery? What is the recommended work-around to get an email value for an authenticated user at time of ticket?

1


Mick O'Donnell

Hello, what is the status of relaying email addresses to the agent workspace with the authentication feature?

0


Hey, 

When I go to the admin center -> end-user authentication

I don't have any messaging tab. 

What could be the issue? 

Thanks! 

0


image avatar

Mike DR

Zendesk Customer Care

Hi Mor!
 
You would need to have an active Zendesk Support account in order to have Messaging enabled. The feature you're looking for will show up once Messaging is enabled for your account.

1


Thanks Mike, will do

0


Mick O'Donnell any news for this update of displayed verified email address in Agent Workspace?
Thanks

We are dealing with this on 1 env already and it is one of the blockers to start using messenger on others.

1


Hello! I tried to send custom user fields inside JWT token payload while authenticating  a user. But it looks like these custom user fields are not filled if I check them in the related user request on the dashboard

1


Mick O'Donnell Did you manage to get this feature released in January? :-)

0


When the returning end-user authenticates mid-conversation, a Ticket 2 will automatically close with `closed_by_merge` tag, and the conversation will continue in the original Ticket 1.

What I find confusing is that this closed Ticket 2 does not have any link to Ticket 2. So the agent can't follow up. Can it be fixed somehow? 

0


image avatar

Prakruti Hindia

Zendesk Product Manager

Hi everyone,

Thank you for your patience. We have rolled out support for authentication using signed email. You can find more information in the announcement post

- Prakruti

2


AntonMi I have noticed that too.
Even ticket is visible in the user thread, it would be nice to have internal note added to it, same we have when we manually merge 2 tickets.

1


image avatar

David

Zendesk Customer Care

Hi Anton

If that ticket is closed/merged, the agent shouldn't need to follow-up to the closed ticket as that conversation is in the original ticket now.  

0


That's exactly the issue -  The ticket closes, and the agent has no easy way to find the original ticket, where the conversation continues.

0


image avatar

Jahn

Zendesk LuminaryCommunity Moderator

Hi @Prakruti Hindia - will this Announcing authenticating messaging end users using signed email fix the web user issue that we are still having? 

0


image avatar

Bobby Koch

Zendesk Luminary

does this article need updating in the limitations section? we are confused 

0


image avatar

Bobby Koch

Zendesk Luminary

0


Our users sign into the Help Center.  We then want to chat with them.  When a ticket is created from the chat it creates a new generic user, it does not use the profile of the signed in Help Center user.  Do we have to treat the Help Center like a third party app and build some sort of authentication into the chat, even though the user is already signed into the Help Center?

0


Hey Thomas, What do mean by adding that code snippet to the Help Centers's head.  How are you doing this?  Form what I'm seeing, my company has setup and managed the help center all from the zendesk UI.  It is completely separate from our application's codebase. 

0


Hi Thomas, I am also interested in knowing if and how we can access the Zendesk Help Center source code. Unless you meant a custom help page created by us clients?

0


Thanks Thomas

I see the issue now - we don't have the option to edit the code with our current theme free plan. I will keep this in mind.

0


The last paragraph doesn't match what we're seeing in production, and seems to contradict itself:

Zendesk uses the external ID as the primary identifier, with email addresses being used only if no matches are found for the external ID. 

So we expect that if we send the `external_id` and `email` in the JWT, and the `external_id` is not matched to a user, but the `email` is matched to a user,  that user is authenticated. However, we observe some vastly different outcomes depending on whether we're testing in Sandbox vs. Prod, or whether the user has a verified or unverified email address, or whether we include `email_verified` in the JWT, but there is no scenario we've seen where a user is authenticated as an existing user when the `email` matches and when the `external_id` doesn't. We see instead, a new user is created, or the login request fails. The latter outcome seems to agree with the next sentence following the one above:

If, however, an email address presented in a JWT is already associated with a different external ID, Zendesk rejects the JWT and the end user's login attempt fails.*

Which is essentially saying “if the external_ids don't match, but the emails do, we authenticate the user, except if the external ids don't match”. So my question would be under what circumstances exactly would the `email` be used to authenticate the user as a fallback when the external ids don't match?

* this was not the case in sandbox testing, where we never saw logins fail, and a new user was created each time, which was seriously confusing why sandbox would behave different than prod. The results were also different in that depending on the user's email verification status, the newly created user would inherit the email, and multiple results would be returned from the API search endpoint when querying on the email. This all made testing and implementation incredibly difficult. 

4


Does anyone have an example of authentication with nextjs? 
Today the use is script, ex

<script

id='ze-snippet'

src='https://static.zdassets.com/ekr/snippet.js?key=123456'

/>

0


Hi, 

I need guidance on managing the login between the web login and the Zendesk end-user messaging login to keep them both synchronized.

Typically, I set the web session and JWT token to expire at the same time. However, there may be additional scenarios as follows:

  1. If the user logs out from the web, it should also force a logout on Zendesk messaging. (In this case, the user did not click the logout button but closed the screen, and the web session expired on its own).
  2. If the JWT token expires but the user is still active on the web, I want to create a new JWT token. When the JWT token expires, is there an event that can detect the expiration of the JWT token so that the web can call to create a new JWT token?

0


zE('messenger', 'loginUser', function (callback) {
  callback(token);
})
I get 401 authentication error, and I want to know how to catch this error.  I use try/catch for callback(token), but it's not work.
Thanks

0


Please sign in to leave a comment.