Skip to main content

Verify Your End User and Share Messaging History

Learning Objectives

After completing this unit, you’ll be able to:

  • Explore the benefits of adding User Verification to your Messaging for In-App or Messaging for Web deployment. 
  • Explain how user verification works.
  • Identify the building blocks of user verification setup.

Messaging for In-App and Web lets your end-users chat with your agents. It differs from the Salesforce legacy chat product because conversations are now asynchronous. That means messages can be started, stopped, and picked back up at any time. After basic setup, you can enhance your Messaging for In-App and Web experience with exciting features, such as:

  • Protecting customer data and persisting conversation history with User Verification
  • Collecting data to increase response times and tailor customer interactions for a better experience with visible and hidden pre-chat fields
  • Offering the chat button conditionally, from only showing it during your business hours to moving its location to suit your business needs
  • Sending structured content to end-users to reduce response times and offer a rich, dynamic conversation experience with messaging components

In this module, we explore these concepts to help inspire your ideal messaging experience.

Let’s start with User Verification.

Benefits of User Verification

User Verification offers these benefits.

  • Maximize data privacy with secure tokens that verify your customer’s identity.
  • Enable conversations to persist across multiple devices. For example, if a user signs in to your mobile app and starts a messaging session, and then later logs in to your website, they can continue the messaging conversation there, seeing the same conversation history in both places.
  • Enable asynchronous conversations. For example, your customer can start a conversation, walk away from their device for hours, and return to the same conversation at any time.
  • Extend your customer’s access to their Messaging for Web conversation history. Without User Verification, Messaging for Web customers can view their conversation history in the messaging window for up to 6 hours. With User Verification, your customer can always see their conversation history after logging in.
  • Guarantee your verified customer’s access to their Messaging for In-App conversation history. Without user verification, the customer’s messaging history is based on a local cache and disappears if the app is uninstalled or the cache is deleted.

How User Verification Works

User Verification uses JSON Web Keys to verify a JSON Web Token that’s assigned to an end-user upon logging into your website or mobile app. If that explanation has your head spinning, let’s liken it to something familiar: arriving at the airport.

At the airport, you may often scan your ID at the kiosk to get your boarding pass. Similarly, the first thing that user verification requires your end-user to do is log in to your website or mobile app, which assigns a unique JSON Web Token to that user. In both cases, you present identifying information (an ID or login credentials), and an initial verifying element is assigned to you in return (a boarding pass or a JSON Web Token).

In the airport scenario, you haven’t yet interacted with an airport security agent to verify that the ID and boarding pass represent the person holding them. Similarly, user verification requires one more step to verify your end user.

Think of JSON Web Keys as your Salesforce org’s airport security agent. JSON Web Keys verify the unique JSON Web Token assigned to your user, and then enables the user to see their messaging history. Once a TSA agent verifies you at the airport security checkpoint, your adventure begins.

A traveler gets a boarding pass from the airport kiosk, then takes the pass and his passport to a TSA agent for verification.

To recap without the travel metaphor, user verification happens as follows.

  1. End user logs in to your website or mobile app.
  2. JSON Web Token is assigned to the end user.
  3. JSON Web Keys verify the JSON Web Token and show the end user their messaging history.

User Verification Features

Although adding user verification is optional, we recommend it given all the great benefits that come with it. The way in which it changes your end-user’s messaging experience depends on your deployment’s location: On a website or on your mobile app. Let’s explore this a bit more to see how it changes a user’s experience.

Messaging Type

Experience for Unverified Users

Experience for Verified Users

Messaging for In-App

Messaging history persists in the conversation window based on a local cache and can disappear if the app is uninstalled or the cache is deleted.

Messaging history persists in the conversation window when an end user logs in. An end user must be logged in to your app to see their messaging history. If they log out, then log back in, it’s still there. Messaging history is visible on any other devices where the same user is verified.

Messaging for Web

Messaging history disappears from the conversation window after the time specified in the Authorization Token Expiration Time for Unverified Users field in your Messaging Channel setup (up to 6 hours). Otherwise, the messaging session remains active until the customer or agent clicks End Chat.

Messaging history persists in the conversation window for verified users. An end user must be logged in to your app to see their messaging history. If they log out, then log back in, it’s still there.

Setting Up User Verification

User verification setup occurs in three places.

User verification setup occurs in three places: the User Verification setup page, the Messaging Settings setup page, and the API.

Here are the steps to follow.

  1. First, head to the User Verification Setup page to upload one or more JSON web keys and create a keyset. This, as you now know, is used to verify the customer’s JSON web token.
  2. Next, head to the Messaging Setting Setup page, and activate user verification on your messaging channel. This involves setting token expiration and adding the keyset that you just created to the channel.
  3. Finally, set up an API call that sends the customer’s JSON web token to Salesforce, where it gets verified by the JSON web keys.

For more detailed step-by-step setup instructions for user verification, head over to Salesforce Help.


Keep learning for
Sign up for an account to continue.
What’s in it for you?
  • Get personalized recommendations for your career goals
  • Practice your skills with hands-on challenges and quizzes
  • Track and share your progress with employers
  • Connect to mentorship and career opportunities