English (US)

Can Zendesk tell me when a customer is currently logged in

Andrew Wells

Problem statement:

Due to limitations of the messaging widget on the help center we are unable to prompt a user to login prior to speaking with an agent. This creates possibly security and technical issues within Zendesk/support.

Security issue:

When a customer is not logged in and engages in messaging from the help center, they are asked to supply their name and email address, however anyone can enter any email address. The risk here is impersonation of existing clients with no way of automatically validating the customer.

Technical issue:

When a customer who is not logged in engages in messaging from the help center and then enter their name and email address, if an existing user's email address provided, Zendesk creates an additional user record for the same user. This is believed to be intended behavior; however, it causes issues with customer and ticket management resulting in agents having to manually go in and merge the user objects.

The ask:

How are folks addressing these issues? Is there a way for me to reliably detect if a customer is successfully logged into Zendesk through ZAF or some other means which I can code into our instance? Does Sunshine messaging address these concerns? Any feedback would be appreciated.


Thanks!!!

1 Comments

  • Ahmed Zaid
    User Group Leader Community Moderator

     Hi Andrew Wells,

    The only way to tell if the user you are chatting with is logged in is through JWT signed by a pre-generated secret from Zendesk. See Authenticating end users in messaging for the Web Widget and mobile SDK.

    It is important to train agents to monitor the verification tick in agent workspace:

     

    You might have noticed the limitation where only external_id is used to identify end user and email attribute is being ignored even if it was included in the JWT. However, this was announced to be on the roadmap for Q1 2023 as I noticed on one of the topics (don't quote me on that though as I am not from Zendesk). The current workaround that I thought of (but not implemented personally) is syncing your end user external ids from your system to Zendesk, or provisioning SSO for end users.

    Best of luck.

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post
Powered by Zendesk