All the public APIs in the SDK should be called after initializing the SDK via Helpshift installWithPlatformId API
A logged-in user is someone who can contact your support team only after providing a username and password. If you have logged-in users, we highly recommend passing the user's identifiers (user ID and/or email) using the LoginAPI so that your Agents can provide a personalized support experience to your users. Using the Login API also ensures that a user's conversations are available only to them when they log in.
User's conversation will only be available on the device used to start the conversation. The conversation will not be available across devices.
You can provide either userID and/or userEmail to identify your users. We highly recommend using a user ID to identify your users. However, if you use emails to identify your users, then you should pass them in the userEmail field with the HelpshiftUser object. The following logic applies when you use both userID as well as userEmail:
You should call Helpshift SDK's login
API whenever the user successfully logs into your app. The Login API takes the following parameters:
Parameter | Required/Optional | Description | Important considerations |
---|---|---|---|
User ID | Required as an identifier if email is not provided | A user's unique identifier. User IDs must be unique. You should not use the same user ID for different users. |
|
Name | Optional | Provide the name you'd like your Agents to use when interacting with end users. If you don't know the user's name, you can leave it blank, and the Identity Bot (when enabled) will ask that user for their name. If you provide a value, the Identity Bot will not ask the user for their name again. |
|
User Auth Token | Optional | A user generated via Hash-Based Message Authentication Code (HMAC) using SHA256. You should provide an HMAC Digest if you want to ensure that 3rd parties cannot file Issues on behalf of your users or update their properties. Details here. |
|
Required as an identifier if the user ID is not provided | A user's email address. If you don't know the user's email, you can leave it blank and the Identity Bot (when enabled) will ask the user for their email. If you provide a value, then the Identity Bot will not ask the user for their email again. |
|
Example:
NSDictionary *userDetails = @{ HelpshiftUserName:@"name1", HelpshiftUserEmail:@"email1@email.com", HelpshiftUserIdentifier:@"id1" }; [Helpshift loginUser:userDetails];
let userDetails = [HelpshiftUserName : "name1", HelpshiftUserEmail : "email1@email.com", HelpshiftUserIdentifier : "id1"] Helpshift.loginUser(userDetails)
fullPrivacy
to be YES, you shouldn't be using email as the only identifier in the login API for that user. This will result in the creation of an anonymous user.
Once a user logs out from your app, you should call the Helpshift SDK's logout
API to ensure no one else can view this user's conversations.
[Helpshift logout];
Helpshift.logout()
clearAnonymousUserOnLogin() API is deprecated. We have added a new API to manage anonymous users.
An anonymous user is someone who can access the app without a username and password. If a user identifier (UserID and/or Email) is not passed via the login API, then Helpshift assumes that the user is an anonymous user.
If your use case involves multiple logged-in/anonymous users using the same device and discussing info during support conversations (which you ideally wouldn't want to be shared across logins), you should use the Helpshift.clearAnonymousUserOnLogin(boolean clearAnonymousUser)
API.
If clearAnonymousUser
is true – anonymous users are cleared whenever any user logs in. Once cleared, such users (and their conversations) cannot be fetched again.
If clearAnonymousUser
is false – anonymous user data will be saved and if a logged-in user is logged out, you will see anonymous user’s conversation history.
[Helpshift clearAnonymousUserOnLogin: clearAnonymousUser];
Helpshift.clearAnonymousUserOnLogin(clearAnonymousUser)
User Identity Verification is a security measure that verifies that all requests made from your app to Helpshift are coming from authentic end users. This prevents 3rd parties or hackers from impersonating your users. You can learn more about User Identity Verification and the steps to configure it here. In order to ensure your users are verified, you should provide a 'user authentication token' with the HelpshiftUser object at the time of login. You can find the steps to generate a 'user authentication token' here. The 'user authentication token' is an HMAC Digest, which is generated via HMAC using SHA256.
You can send the 'user authentication token' with the login API call. If Identity Verification is enabled on the Helpshift Dashboard. Helpshift recalculates the unique 'user authentication token' using the shared secret key, and compares the 'user authentication token' sent by you to the recalculated value. If they're equal, then the user's identity is verified, and the user is able to file Issues.
NSDictionary *userDetails = @{ HelpshiftUserName:@"John Doe", HelpshiftUserEmail:@"john.doe@app.co", HelpshiftUserIdentifier:@"unique-user-id-746501", HelpshiftUserAuthToken:@"generated-user-authentication-token" }; [Helpshift loginUser:userDetails];
let userDetails = [HelpshiftUserName : "name1", HelpshiftUserEmail : "email1@email.com", HelpshiftUserIdentifier : "id1", HelpshiftUserAuthToken: "generated-user-authentication-token"] Helpshift.loginUser(userDetails)
When Identity Verification is turned 'On' and a login request is made with no 'user authentication token' or with an invalid 'user authentication token' identity verification will fail. If identity verification fails, the following will hold true:
If the logged-in users are verified (i.e., a valid 'user authentication token' is provided), they are able to see the previous Issue or create a new Issue. The UI for verified, logged-in users looks & works exactly the same as it would if 'Identity verification' were turned off. Only unverified users get impacted as listed above.
If identity verification fails, the SDK will invoke one of the following delegates to notify the application of the failure:
Delegate | When it is called | How to use |
---|---|---|
- (void) authenticationFailedForUserWithReason:(AuthenticationFailureReason) AuthTokenNotProvided | When no 'user authentication token' is provided | If you do not plan on sending an 'user authentication token' but plan on implementing it in the future, you can use this failure delegate to show your own alerts to the userm such as a prompt to update the app. You may want to use this if you are using the login API without the 'user authentication token', as these users will be considered unverified once Identity Verification is enabled on the Dashboard. Using this delegate is completely optional - Helpshift will prevent unverified users from being able to file Issues, as mentioned previously. |
- (void) authenticationFailedForUserWithReason:(AuthenticationFailureReason)InvalidAuthToken |
|
If the HMAC Digest being provided via LoginAPI is invalid, Helpshift will prevent the users from filing Issues. The 'user authentication token' can be invalid if:
|
Steps to test that Identity Verification is correctly set up are available here.