User Verification in Messaging for Web

To learn about and set up User Verification, see User Verification in Salesforce Help.

This section describes the steps you must take from your web client to ensure a personalized and secure conversation between a verified user and an agent. See the associated documentation for each step of this sequence.

User Verification sequence

  1. Before you initialize the API from the code snippet that we provide, add event listeners for two events. onEmbeddedMessagingReady notifies you when the API is ready for requests. onEmbeddedMessagingIdentityTokenExpired notifies you if the identity token has expired.
  2. At some point after the onEmbeddedMessagingReady event is dispatched, pass the identity token to the API using the setIdentityToken method. You must call this API for every tab or window where you want the user to have an authenticated conversation. Since the token is stored in the browser’s memory, you must also call this method after a page refresh. JWTs must be signed using the RS256 algorithm.
  3. When the identity token expires, the onEmbeddedMessagingIdentityTokenExpired method is dispatched. You have approximately 30 seconds to update the token and call the setIdentityToken method with the new token. If you don't respond within 30 seconds, the messaging session and user data are automatically cleared.
  4. When the user logs out, call clearSession. This method clears all messaging and user data from all tabs and windows. When the API is ready for another conversation, onEmbeddedMessagingReady is dispatched again.

Be sure to call setIdentityToken for every tab or window where you want access to the authorized messaging conversation. Also, call clearSession when the user logs out.

This sample code illustrates how you can implement the key steps of this sequence.

The Messaging for Web reference documentation describes these methods in more detail.

If your Messaging for Web deployment is on an Experience Cloud site, be sure to follow the instructions in Salesforce Help on how to add JavaScript code to the head markup section of your site. See Configure a Messaging for Web Deployment in an Experience Builder Site.