OAuth in Digital Experience
You can set up OAuth integration for:
- A more secure solution: Each message is authorized via an authentication token. The Digital Experience backend validates the token against the OAuth server each time a message is sent.
- Shared history across multiple devices for asynchronous chat: The conversation history is shared across various devices regardless of whether chat is implemented using Digital Chat, the Web Chat SDK, or the Mobile SDK.
- Passing authentication tokens to bots and other services: An API endpoint can be used to retrieve the token and check customer access to specific databases such as CRMs (third-party systems that manage such things as contacts, sales information, support details, and case histories) or role-specific documentation.
- Relaying custom field updates with each new customer message: Any custom field or CRM record connected to OAuth is automatically populated with updated information. If the agent, supervisor, or any other internal user needs to change those fields, they must do so at the point of origin.
Technical Details
- OAuth enables enhanced authentication of the chat window instance so that the Digital Experience platform can recognize the customer and ensure that the incoming messages are from an authentic website.
- To use OAuth, you must set up your own OAuth server. That server creates an authorization code, which is set in the Digital chat window instance and sent to the Digital Experience platform. The Digital Experience platform then validates the chat window instance's authorization code against your OAuth server. If authorization is successful, your OAuth server returns an access token and a refresh token.
- The refresh token is stored internally. It is used to refresh the access token.
- The access token is used to retrieve customer data, including the customer's name and ID. That data is then sent to the chat window instance.
- When a new message is sent, the endpoint to retrieve customer data is called. Both message data and customer data are populated. For example, the customer's name and ID are populated along with any custom fields set up by the administrator in the authentication settings of Digital chat.
- When the customer is authorized and the channel is using the messaging version of chat, previous conversation history is synced and displayed. The same chat history is shared across multiple devices, such as a chat session and the Mobile SDK. No data is cached; the system requests the data again whenever the customer sends a message or reconnects to the chat session.
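
The flow above, seen from the OAuth server you operate, as an added example that is not code from the product or its documentation. The class, method, and field names, the TTL values, and the in-memory dictionaries standing in for real storage are all assumptions; the point is that authorization codes are single-use and short-lived, and that the customer-data lookup re-validates the access token on every message.

```python
import secrets
import time

CODE_TTL = 60      # seconds; assumed value, authorization codes should be short-lived
ACCESS_TTL = 300   # seconds; assumed value

class AuthError(Exception):
    """Raised when a code or token is unknown, expired, or already used."""

class DemoOAuthServer:
    """In-memory stand-in for your own OAuth server (hypothetical names throughout)."""

    def __init__(self, customers, clock=time.time):
        self.customers = customers   # customer_id -> profile dict (name, custom fields)
        self.clock = clock
        self.codes = {}              # authorization code -> (customer_id, expires_at)
        self.access = {}             # access token -> (customer_id, expires_at)
        self.refresh_tokens = {}     # refresh token -> customer_id

    def issue_code(self, customer_id):
        """Run after your site has logged the customer in; the code goes to the chat window."""
        code = secrets.token_urlsafe(32)
        self.codes[code] = (customer_id, self.clock() + CODE_TTL)
        return code

    def _new_access(self, customer_id):
        token = secrets.token_urlsafe(32)
        self.access[token] = (customer_id, self.clock() + ACCESS_TTL)
        return token

    def exchange_code(self, code):
        """Token step: the platform presents the code. pop() makes the code single-use."""
        customer_id, expires_at = self.codes.pop(code, (None, 0))
        if customer_id is None or self.clock() > expires_at:
            raise AuthError("invalid or expired authorization code")
        refresh = secrets.token_urlsafe(32)
        self.refresh_tokens[refresh] = customer_id
        return {"access_token": self._new_access(customer_id), "refresh_token": refresh}

    def refresh(self, refresh_token):
        """The platform uses its stored refresh token to obtain a new access token."""
        if refresh_token not in self.refresh_tokens:
            raise AuthError("unknown refresh token")
        return self._new_access(self.refresh_tokens[refresh_token])

    def customer_data(self, access_token):
        """Customer-data step: called for every new message, so the token is checked each time."""
        customer_id, expires_at = self.access.get(access_token, (None, 0))
        if customer_id is None or self.clock() > expires_at:
            raise AuthError("invalid or expired access token")
        return {"id": customer_id, **self.customers[customer_id]}
```

Because nothing is cached on the platform side, deleting an entry from `refresh_tokens` and `access` on your server takes effect at the customer's next message.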