Conversational Cloud expects to receive a token for every messaging conversation. These tokens identify unique consumers for Conversational Cloud and make sure that all consumers appear with their unique details displayed to the agent once they start a conversation. If you would like to have unauthenticated messaging conversations (where the consumer remains "anonymous"), you will need to provide an "unauthenticated" (not containing any details on the consumer) ID Token to Conversational Cloud. In this tutorial you will learn how to create and use such a token.
Prerequisites
In order to use unauthenticated tokens, your account must be provisioned by an LPA (LivePerson Administrator) to enable the Messaging.Un_Auth_Messaging
feature and create an unauthenticated connector (ACR0 Connector). The LPA should supply you with the CONNECTOR_ID
parameter that is required in the beginning of the flow below.
Creating and Using a Token for Unauthenticated Messaging Conversations
First, launch a shell for your account with the CONNECTOR_ID
with the jsMethodName: lpTag.taglets.unAuthMessaging.lpUnauthFunction
.
LP_CONN_ID=`curl https://accdn.lpsnmedia.net/api/account/$LP_ACCOUNT/configuration/le-connectors/all-connectors | jq -c '.[] | {id: .id, jsMethodName: .configuration.jsMethodName} | select( .jsMethodName == "lpTag.taglets.unAuthMessaging.lpUnauthFunction" ) | .id'`
docker run --env LP_ACCOUNT=__YOUR_ACCOUNT_ID__ --env LP_CONN_ID=$LP_CONN_ID -it lpinc/shell
Step 1 — Create an Unauthenticated External JWT
LP_EXT_JWT=`curl -X POST -H "Content-Type: application/json" https://$LP_IDP/api/account/$LP_ACCOUNT/anonymous/authorize | jq -r .token`
Step 2 — Exchange the Unauthenticated External JWT with an Internal Token
LP_JWT=`curl -X POST -H "Content-Type: application/json" -d '{"id_token" : "'$LP_EXT_JWT'"}' https://$LP_IDP/api/account/$LP_ACCOUNT/app/$LP_APP_CONN_ID/authenticate?v=3.0 | jq -r .token`
Step 3 — Create a Conversation
Now you can continue the regular flow for creating conversations as documented in the Getting Started, inserting the LP_JWT
parameter you created in the step above for the token required by the normal flow.
Step 4 — Refresh an External Token
Once the external token is expired (10 minutes by default), you can refresh it for a certain period of time (730 hours by default) by using the following call:
LP_EXT_JWT=`curl -X POST -H "Content-Type: application/json" -d '{ "id_token":"'$LP_EXT_JWT'" }' https://$LP_IDP/api/account/$LP_ACCOUNT/anonymous/authorize | jq -r .token`
Make sure that the LP_EXT_JWT
contains the previous external token you created in step 1. Using the fresh external token you can continue to step 2 and exchange the refreshed token for the LivePerson internal token.