Developer Platform
  • Home
  • Getting Started
    • General Information
    • Features Overview
    • Security
  • APPs
    • Public Apps
      • Shopify
      • Salesforce
      • Zendesk
      • Google Analytics
    • Build your App
      • Getting started
      • My Apps
      • App information
      • App Parameters
      • App Plugins
      • Add Webhooks
      • Submit your Apps
      • App security
      • Developer Policy
  • Use Cases
    • Copilots
      • Product Catalog sync through API
      • FAQ sync through API
    • Visitor experience
      • Integrating custom buttons into your site
      • Check availability before escalating to iAdvize
      • Authenticated Messaging
        • Introduction
        • Web client-side implementation
          • Authenticated Messaging overview
          • Brief timeline of the integration process
          • How to enable authenticated mode in the administration portal?
          • How to implement the customer authentication backend (token provider)?
          • How to authenticate with iAdvize in client's website?
          • How to deal with activation success or failure?
          • How to logout?
          • Compatibility with Mobile SDK
          • FAQ
        • Web backend implementation
          • Important information and recommendations
          • Signature and Encryption Detailed Process
          • Technical backend implementation
          • FAQ
      • Cross-domain Conversation Continuity
      • Customize replies with Markdown
    • Agent workspace
      • Custom App example and step-by-step tutorial
        • Get Started
        • Work with the Desk
        • Intent / Trigger
        • JWT
        • References
    • Administration
      • Users
        • SAML SSO Authentication - Implementation Guide
        • Create, update and delete users via API
        • Manage the availability of your users with the iAdvize API
        • Integrate the iAdvize conversation panel into an existing tool
    • Data & Analytics
      • Anonymize a conversation or visitor data
      • Create a custom dashboard
      • Find contact data using GraphQL
      • Retrieve conversations data
      • Retrieve messages exchanged within a conversation
  • Technologies
    • GraphQL API
      • Terminology
      • Reference
      • Authentication
      • Schema lifecycle
      • Error Management
      • Pagination
    • REST API (deprecated)
      • Statistic (deprecated)
      • Group (deprecated)
      • Call meeting (deprecated)
      • Operator (deprecated)
      • Skill (deprecated)
      • Transaction (deprecated)
      • Visitor (deprecated)
    • Webhooks
      • Reference
      • Guides
    • Desk events
      • Reference
    • Web & Mobile SDK
      • Javascript Web SDK
        • Reference
      • Javascript Callbacks
        • Reference
        • Guides
      • Mobile SDK
        • Fourme (latest)
        • Epoisses
        • Dauphin
        • Cantal
        • 🤝Support Policy
        • 🤔Frequently Asked Questions
    • Custom App
    • External Bot
      • Implementation
        • Configuration flow
        • Conversation flow
        • Conversation objects
      • Configuration
      • FAQ
      • Best practices
Powered by GitBook
On this page
  • The sign-in in the visitor’s authenticated space fails
  • The iAdvize "activate" method can also fail

Was this helpful?

  1. Use Cases
  2. Visitor experience
  3. Authenticated Messaging
  4. Web client-side implementation

How to deal with activation success or failure?

Failures happen for various reasons, therefore while creating robust and secure system the implementation needs to cope with such cases. Authentication failures can happen in two places:

The sign-in in the visitor’s authenticated space fails

In this case, the backend logic is unable to generate a token : it is then the client’s responsibility to activate the iAdvize tag. In other words, it is the client implementation responsibility to decide whether:

  • Not to activate the tag (i.e. not calling "iAdvize.activate" methods)

  • Or to fall back to an anonymous activation instead.

If you want to ensure a fully authenticated conversational experience, we recommend the first defensive implementation.

The iAdvize "activate" method can also fail

If the token is ill-formatted or if signature is incorrect, the "iAdvize.activate" can also fail.

To cope with this, the "iAdvize.activate" method takes an optional argument : a function that will be called with an object containing the result of the authentication ("authentication-success" or "authentication-failure"). This object includes the reason the authentication failed: a malformed token, an invalid key, a double login attempt, ...

const iAdvizeActivationCallback = (activation) => {
        console.log(activation);
}
/* In case of success, logs :
{
        authentication: {
                option: { type: 'SECURED_AUTHENTICATION', token: '<YOUR-TOKEN>' },
                status: 'authentication-success'
        }
}

/* In case of failure, logs :
{
        authentication: {
                option: { type: 'SECURED_AUTHENTICATION', token: '<YOUR-TOKEN>' },
                status: 'authentication-failure',
                reason: 'A login is already ongoing' // Or another relevant error
        }
}

iAdvizeInterface.push(async (iAdvize) => {
        const activation = await iAdvize.activate(async () => {
                const token = await ... // your backend logic to generate a JWE - note that this can be called at anytime for refresh
                return {
                        authenticationOption: { type: 'SECURED_AUTHENTICATION', token }
                };
        }) ;
        iAdvizeActivationCallback(activation);
});

In case of failure, we recommend that you do not fallback to the anonymous activation.

Note : iAdvize javascript logic has already retry policies implemented. It will automatically retry 3 times in case of error. If it does not succeed, iAdvize systems return an error. We do not recommend that the client implementation adds additional retries.

PreviousHow to authenticate with iAdvize in client's website?NextHow to logout?

Last updated 1 year ago

Was this helpful?