Articles in this section

Authenticated Visitors (Non-MS Portals)

You can set up an engagement to pass contact information from an existing CRM record to an Agent when the visitor is authenticated.

High Level Sequence

  1. The user must authenticate against your Web Service.
  2. Your web application must query your CRM instance and determine the Contact GUID.
  3. Your web application must build and sign a JsonWebToken.
  4. The JWT must be available in your visitor's browser.
  5. When the user clicks engage a chat initiates.
  6. Live Assist calls a named method to retrieve the JWT to retrieve the participant's GUID
  7. Live Assist contacts the CRM with the participant's GUID
  8. When the Agent accepts the chat, can pop the correct contact record.

auth-plantuml.png

Preparing your Web Application

To prepare your Web Application to build a OAuth Token:

  1. Generate a RS256 public and private key pair.
    • These are used to build the JWT that Live Assist receives.
    • Important: Live Assist only supports RS256 signed JWTs.
      openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048
openssl rsa -pubout -in private_key.pem -out public_key.pem

Setting up Live Assist for Authenticated Chats

Live Assist needs the following configuration:

Parameter Value
Type oAuth 2.0 authentication
Authentication Endpoint Leave Blank
JWT Public Key

The value of the public key of your Web Application. You need to remove the line-breaks.  You can do this by pasting the key into a text editor, and pressing "Backspace" at the start of each line (below the first one).

You will also need to remove the
-----BEGIN PUBLIC KEY-----  
and
-----END PUBLIC KEY-----
tags from the key. 
JS Method Name The method name the Live Assist engagement will call depends on your client.
The default values for our example clients is: authoriseChatWithCallback
See: Client Application Code
JS Context Leave Blank

authConfig.png

Building the JWT

Your application must produce a signed JsonWebToken (JWT) that contains the GUID of the Contact Record for the authenticated visitor. Live Assist will retrieve the JWT from the client and use it to retrieve the GUID.

To build and sign the JWT your web application must perform the following:

  1. Find the appropriate GUID stored on the Contacts Table within your CRM.
    • Important: Your web application must manage this process and it is outside of the scope of this guide to provide steps retrieving the information from the CRM.
  2. Your web application must construct a JSON payload, substituting the GUID, as follows:
     payload = { 
        "sub" : "Contact GUID",
    "given_name" : "Contact's first Name",
        "family_name" : "Contact's family Name",
    "iss" : "FQDN of your website",
    "iat" : DateTime.now.strftime('%Q').to_i / 1000,
    "exp": (DateTime.now.strftime('%Q').to_i + 7200) / 1000
 }
    • Note: The iat and exp claims are required to be in seconds rather than miliseconds. They should also be provided as numbers and NOT as string (in quotes).
  3.  Your application must build the JWT. 
    For example, if your web application is Ruby the code may do the following:
    private_key_file = 'private.pem';
@my_payload = payload;
@private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file))

//Use a jwt library from https://jwt.io/ to encode the GUID payload
//For example: gem install jwt
@token = JWT.encode @my_payload, @private_key, 'RS256'
  4. Your application must pass this token to the participant's client application.
    • Note: Performing this step is outside of the scope of the article.

Client application code

To allow the Live Assist Engagement to retrieve the JWT your web application sends it, your client application must define the method you provide when configuring Live Assist.

Browser or Javascript Clients

Our example Live Assist method name is: authoriseChatWithCallback
function authoriseChatWithCallback(callback) 
{
    console.log("Get JWT");
    try
    {
        console.log("JWT from Web Application: " + "<YOUR JWT STRING>");
        callback("<JWT STRING HERE>");
    }
    catch (e)
    {
        console.error(e);
        callback(null, "Unable to generate key");
    }
};

iOS Clients

If you are following Live Assist for 365 and iOS SDK, the method name is: authoriseChatWithCallback.

The authString attribute requires your visitor's JWT.

For a partial implementation see: iOS Authenticated Chat Example

Android Clients

If you are following Live Assist for 365 Android SDK, the method name is: authoriseChatWithCallback.

The jwt attribute requires your visitor's JWT.

For a partial implementation see: Android Authenticated Chat Example

Agent Pop-out

When the Agent accepts the chat, Live Assist uses the JWT to locate the Contact Record. To have the contact record pop out, the Agent must tick their Auto-open Chat Activity option.  Otherwise, an Agent must open the Chat Activity to associate the contact record.
Note: Auto-open Chat Activity is not available in Microsoft Unified Interface.
Was this article helpful?
0 out of 0 found this helpful
Return to top

Related articles