Hello 👋 How can we help?

Security signature

Generate secret and keep your data safe.
Written by Artem
Updated 4 days ago

If you use our User Authentication Mode and you don’t want the pre-chat/offline forms to be displayed in your chat widget, you can still ensure that no one is able to send any random data through your widget. This can be done by generating a special secret and utilizing a security signature on your backend.

To create this signature you need to generate the secret in your HelpCrunch account (Settings page → Security):

When the secret is generated, you can create a signature on you backend with its help. To do that, you need to JSON encode a user data from your request, concatenate it with the secret, make an MD5 hash of it, and add this hash/signature to the init or updateUser method. Here is the PHP example:

 

<?php
    $user = [
        'email' => 'some@email.com',
        'name' => 'The Name',
        'user_id' => '12345',
        'phone' => '+49123221312',
    ];
    $signature = md5(json_encode($user) . 'your organization secret');
?>
HelpCrunch('init', 'your organization domain', {
  applicationId: 'application id',
  applicationSecret: 'application secret',
  user: {
    email: '<?= $user['email'] ?>',
    name: '<?= $user['name'] ?>',
    user_id: '<?= $user['user_id'] ?>',
    phone: '<?= $user['phone'] ?>'
  },
  signature: '<?= $signature ?>'
});

Did this answer your question?