Widget Visitor Authentication

Options for verifying and authenticating a visitor to your widget.

Overview

Authenticating and verifying a user of your widget can be important for many of the tasks your agent or chatbot might be performing.

MedChat provides multiple ways to go about authenticating and verifying a user:

Signed JSonWebToken Passthrough to the Widget

A signed JSonWebToken is the industry standard for passing claims securely between two parties. Typically, this is the method you will want to use if the user is already signed into your web page and you simply want to notify agents or a chatbot of the identity of the end-user.

In addition, we do allow for passing this token after a chat has already started if the user needs to be prompted to sign in to your web page. You can also un-verify a user if they sign out of your system. In both cases, any agents working with the user will be notified of the updated status.

JSonWebToken Passthrough


Verify User with a Chatbot

Another option is to verify the user's identity in chat by asking security questions or verifying the user's email address or mobile phone number. For a user who is pre-registered, this will require a chatbot to be created that has a VerifyUser step. For users who are not pre-registered with MedChat, in addition to a chatbot with a VerifyUser step, you will need to create an external bot in order to pass user verification configuration to MedChat via our API.

For verification via pre-registration see: Registered Chats and Verifying Chat Users

For verification via external bot see: Setting User Verification Configuration and Verifying Chat Users