Authentication using Digital Messaging
Perform customer authentication pre-chat and mid-conversation, so that customers can pass on their private data to Pega Customer Service using the underlying messaging API in digital messaging interfaces. If the customer's private data matches with the records in the database, the customer is marked as authenticated.
Pega Customer Service authenticates customers in the following cases:
- Pre-chat: When a customer who is interacting on a digital messaging interface is already logged into a website, the system authenticates the customer by passing the customer's private data to Pega Customer Service using the Messaging API. When the customer authenticates pre-chat, the CSR has the customer's account information on their screen, and the customer does not have to re-authenticate.
- Mid-chat: When a customer is mid-chat with the bot, the system can ask
the customer to authenticate by directing the customer to log in to the
Icon Description Unauthenticated customer icon on the chat panel. When the customer is not authenticated, there is no check mark beside the customer icon on the chat panel in Interaction Portal. Authenticated customer icon on the chat panel. When the customer is authenticated, the system displays a check mark beside the customer icon on the chat panel in Interaction Portal.
Configuring authentication settings in App Studio
Configure authentication settings in App Studio to protect the customer's sensitive data or collect additional information about the user, by performing external authentication. For example, the customer might have an external LDAP system in which all users (the customer's customers) are stored.
For example, if the customer requests a Statement copy case, and if you have enabled the Require authentication option for that case, then the customer must log in with the authenticated credentials to get a statement copy.When the customer logs into the website, the interaction is treated as authenticated for a specific amount of time (defined in channel configuration). Within an authenticated interaction, the user could call other responses requiring authentication without receiving a prompt to log in. After an interaction timeout, the system asks the user to re-authenticate.
At the beginning of the authentication process, the Digital Messaging interface generates a login URL that is sent to the Messaging API. A new token is also generated for the user.
To configure the authentication settings, such as Authentication URL, token, and the security key in App Studio, perform the following steps:
On the Behavior tab of your Digital Messaging interface, in the Options section configure the following interaction and authorization settings:
In the Authentication URL field, enter the URL for the external login page for verification of the end-user.
In the Authentication token TTL field, enter a value for the expiration time, in minutes.The expiration time allows channel developers to determine how much time end users have to re-authenticate from when the login request (link) is sent. If you leave the field empty, the token never expires.
Click Generate to generate an Authentication security key.The Authentication security key is an additional security mechanism to make the communication between Pega Customer Service and the custom login page more secure.