API
      Back to home
      1. Help Center
      2. Integration
      3. API

      Signed Interaction Data

      Signed Interaction Data

      Interaction Data is information passed through with a chat/video/voice interaction that can be used to identify the customer. Due to the fact interaction data is typically passed through JavaScript, it is inherently insecure and should not be used to pass through secure credentials.


      Setup

      To be able to verify the source of interaction data, it needs to be signed. That way, Talkative can verify that it came from a trusted source.


      Note: Enabling signed interaction data means that "unsigned data" (normal interaction data e.g. pre-chat forms) will no longer be able to pass through unless approved within the Talkative admin portal.


      To configure Signed Interaction Data, navigate to the Signing Keys page and provide an ECSDA public key.

      Signing Keys

      To generate this key, you need to run:

      openssl ecparam -genkey -name prime256v1 -noout -out ec_private.pem
      openssl ec -in ec_private.pem -pubout -out ec_public.pem

      In a unix-compatible terminal (Git Bash on Windows works as well).

      Then, copy the contents of ec_public.pem and paste them into the signing keys field.

      ec_public.pem

      At that point, you will be able to sign data.

      To sign information, you'll need to form a JSON array in the following format

      [    {"label": "INTERACTION_DATA_NAME", "data": "INTERACTION_DATA_CONTENT", "type": "string"},    {"label": "INTERACTION_DATA_NAME1", "data": "INTERACTION_DATA_CONTENT1", "type": "string"}, 
      ]

      Then you will need to sign it with the private key you just generated, with the algorithm set to ES256. This operation should be done in a secure context - for example, on your Backend server, after authenticating the user. To serialize this signature, use the CompactSerializer. This should result in a signed base64 string. To verify it against your public key you can use https://jwt.io .


      To pass this string, you can attach the :signed-interaction-data property to your Talkative element, or modify your TalkativeEngageApi.startChat() call to TalkativeEngageApi.startChat({signedInteractionData: 'signed-data-here'})

      TalkativeEngageApi.startChat()TalkativeEngageApi.startChat({signedInteractionData: 'signed-data-here'})

      Unsigned fields

      If some fields are to remain unsigned, they will need to be added in to the unsigned fields page.