Delegated Consumer for authenticated conversations

  1. During the Consumer Authentication flow in the Conversational Cloud, the brand can send the consumer access_token and the refresh_token.

  2. The delegated access_token, id_token and the refresh_token are saved in LivePerson's secured storage as long as the conversation is active.

  3. The access_token can be used by the brand (using the GetToken API) or by Bots during the conversation for accessing brand's APIs.

Delegated Consumer during unauthenticated conversations

  1. During a conversation with a Bot, the Bot can trigger a delegate consumer flow

  2. The Bot sends the consumer a link for verifing the consumer identity

  3. The consumer opens up the link (a pop-up window is being opened)

  4. The consumer completes the identification with the brand

  5. [Optional] A user consent page is presetned for the consumer to consent an access to to specific resrouces

  6. Brand is redirecting the consumer to LivePerson. LivePerson validates state and retrieve token and close the pop-up window.

  7. The Bot present is using the access token to perform the opreation with the Brand's API and respond to the consumer.