How to Send JSON Web Token (JWT) of Authorized Customers to Secure Messenger

Before sending the JWT of the authorized customer to Secure Messenger, you need to ensure that you have accomplished the following pre-requisites:

  • Configured JWT validation: Navigate to Ticketing & Messaging > Channels > Secure Messaging. For the selected  Secure Messenger, go to the Security tab and choose from the available token validation methods. To learn more about JWT validation, see this article
  • Provided the Secure Messaging Contact Identity Key name: Navigate to Ticketing & Messaging > Channels > Secure Messaging. For the selected Secure Messenger, go to the Security tab and provide the Secure Messaging Contact Identity Key name. To learn more about JWT validation for Secure Messenger, see this article.
  • Specified the URLs to allow embedding Secure Messenger: Navigate to Ticketing & Messaging > Channels > Secure Messaging. For the selected Secure Messenger, go to the Security tab and provide the URLs to display Secure Messenger. To learn more about URLs, see this article.

Once you are through with all the pre-requisites on the Comm100 Control Panel, you need to navigate to the Installation tab and copy the Comm100 installation code to the web page. This will load embedded Secure Messenger on your webpage.

kb_installation.png

There are two variable placeholders, Contact JWT and Comm100 JWT in the Comm100 installation code. One of them needs to be dynamically generated for each authorized customer on your website and passed to Comm100 through the variables. 

kb_jwt_installation.png


Contact JWT    

You need to generate (use if there is one already available) a standard JWT for the authorized customer and pass the token to Secure Messenger to know the identity and details of the logged-in customer using Secure Messenger.     

Secure Messenger receives this JWT and verifies the signature to ensure that the request comes from an authorized source. The identity field will uniquely identify the customer for Secure Conversation over the channel. 

Generating Contact JWT 

You can generate Contact JWT using either of the two options: 

  • Using an existing JWT associated with a current logged-in customer. For example, if you are already using an identity provider (IDP) server, which generates a JWT for the customer with the required information.
  • Using any JWT library to generate a new JWT for a logged-in customer. 
Note: There must be an identity field and an expiry date of the JWT for its usage.

Optionally, if you want to enrich your customer’s contact information, you can add the optional attributes in the JWT payload. 

For example:

 
{

  "comm100.name": "mark tylor",

  "comm100.alias": "mark",

  "comm100.title": "Mr",

  "comm100.company": "healthify",

  "comm100.fax": "1234567898",

  "comm100.phone": "1234567896",

  "comm100.mailing_address": "new test mailing address",

  "comm100.city": "New Jersey",

  "comm100.state": "New York",

  "comm100.country": "US",

  "comm100.zip_address": "95039",

  "comm100.email": "healthify@testing.com",

  "comm100.sms": "9876543210"

}

Signing Contact JWT 

The signing of Contact JWT happens dynamically based on the configured method you choose from the Comm100 Control Panel:

  • Public Key or JWKS: If you have configured with either Public Key or JWKS method, sign using the Private Key.
  • Shared Token: If you have configured with the shared token method, sign using the shared token.

Passing Contact JWT 

Once your JWT is generated and signed successfully, it is passed dynamically in the code while loading Secure Messenger on your website or page for every customer.


Comm100 JWT

Comm100 JWT is an alternate way to pass the logged-in customer identity to Secure Messenger. This method is useful when you do not want to embed generated JWT for the customer in JavaScript.

In such a scenario, you can exchange your Contact JWT in Comm100 JWT from the backend server and pass Comm100 JWT in the JavaScript code.

Call Comm100 Authorize API to get the Comm100 JWT with the following request payload.


curl -X 'POST' \ 'https://api11.comm100.io/securemessage/authorize' \ -H 'accept: */*' \ -H 'Content-Type: application/json' \ -d '{ "siteId": 10000, "messengerId": "ea5380a4-77c1-436e-a47a-37fd2c8af550", "Contact JWT": "sample-customer-jwt", "isPreview": false }'

In response, you get the access token that you can pass as Comm100 JWT in the Comm100 Installation code.   

kb-comm100jwt-2.png