Authentication
Authentication options
By default, customers chatting with you will be anonymous. You can pass customer details, if you know them, in the Plain.init
function call:
If you want to provide an email address for the customer, you can do so by passing an email
property in the customerDetails
object. We will only accept email addresses that have been verified.
In order to know that the email address that you provide has been verified, we require an emailHash
, which is a hash of the email address and a secret.
This emailHash
can be either manually provided by you or you can use our built-in email verification process to do it for you. Both methods are described below.
Manual email verification - when you already know the user’s identity
Use this when you have already authenticated the user in your application and you know their verified email address.
If your chat widget is embedded within an authenticated application (e.g. behind a login), you already know the user’s identity. In this case, you can directly match the authenticated user to their Plain customer record:
- Generate a secret in the Chat settings page on Plain
- Calculate the email hash in your backend:
- Finally, pass both the email and email hash when initializing the Plain widget:
Always calculate the email hash in your server to avoid exposing your secret.
Built-in email verification - when you don’t know the user’s identity
Use this when you don’t know who the user is and you want to make sure that all users writing through the widget have a verified email address. You can also use this within an authenticated application, if you don’t want to provide the email hash yourself.
If your chat widget is publicly accessible (e.g., on your marketing website), you should use Plain’s built-in customer verification system. This ensures that customers can prove their identity through email verification.
To enable this, set the requireAuthentication
option to true
when initializing the Plain widget:
When enabled:
- New customers will need to provide their email address
- They’ll receive a verification code via email
- After verification, they can start chatting
Was this page helpful?