search

Important information and recommendations

hashtag
User identifier

It should be unique per user - the user ID cannot be recycled from one user to another. &#xNAN; It should be max 255 characters. &#xNAN; If you don’t respect these guidelines, iAdvize will consider all visitors as one and the same visitor. We will then associate all the conversations of visitors with the same user ID. This creates a confidentiality issue: visitors will then have access to the content of each-other's conversations, including text and attachments.

hashtag
Token encryption

When you generate a JWE which contains your user identifier, your library to generate this token should support A256GCM and RSA_OAEP_256 for creating the JWE. The inner JWS must be signed with RS256.

hashtag
Private Key storage

We store our private key using an external security tool call Vault, so our private key is not exposed through our code or any database access.

hashtag
About the external id usage (extId)

The visitor authentication system fully replaces the usage of the "ExtID". Then, if you use the visitor authentication system in an authenticated space of your website, you have to ensure that you are not using the "ExtID" system in parallel.

hashtag
Sending visitor data in the JWT token

In addition to the userId claim, an optional visitorData claim can be added to the JWT. This is how it would look like, before encryption:

Encoded

Decoded

Detail herearrow-up-right

It may contain the following fields, all optional strings:

PreviousWeb backend implementationNextSignature and Encryption Detailed Process

Last updated