Track failure in web widget authentication | Community
Skip to main content

Track failure in web widget authentication

  • March 20, 2024
  • 6 replies
  • 0 views
Oriol11

Hello

I'm using the Zendesk Web Widget in Web for chat and implemented the authentication as described in this guide:

https://developer.zendesk.com/api-reference/widget-messaging/web/authentication/

This works but I want to be able to track if there are errors in the loginUser callback, so I can monitor this and also prevent the chat widget from opening if that happened.

My code looks something like this:

zE("messenger", "loginUser", function (callback) {
  const jwtToken = generateJWT()
  callback(jwtToken)
})

If my `generateJWT` function produces an invalid token I can see in the console that the Zendesk script is making a POST request to

https://<subdomain>.zendesk.com/sc/sdk/v2/apps/......../login

And this results in a 401 error. But I don't have any way to know this happened and take an action when it does.

I tried globally intercepting `fetch` but I can't see that call in my interceptor, so I guess you don't use fetch internally. 

How can I intercept these calls and react to 40X errors? Is there a less hacky way to do this?

Thank you

      6 replies

      Greg29
      • Greg29
      • March 20, 2024

      Hi Oriol! Since the JWT should only be issued after you have authenticated the visitor on your side, you would want to catch the validation upstream from the login function for the widget. The only part from the Zendesk side that could cause this issue would be an invalid KID or secret, which should be constants in your application. With that being the case, there isn't a dynamic part of the Zendesk method that would reject this and thus any validation for the user should be handled in your auth or JWT flow.

      Oriol11
      • Oriol11
      • Author
      • March 20, 2024

      Hi Greg, thanks for your answer! I'm not sure I understand what you mean to validate this upstream.

      The case I experienced was because we generated a JWT including the external ID of a user, but that user had a different external ID in Zendesk, due to some problem in the way we synchronise the users in our app with Zendesk.

      In this case our JWT flow was correct (it generated the correct JWT with the data on our side) and Zendesk also correctly returned a 409 (because the JWT doesn't match the external ID Zendesk has), but I have no visibility that this happened.

        I
        • Infolearn
        • July 18, 2024

        Adding on to this in agreement with Oriol. Even though authentication of the user was handled upstream we would still like to have a way to verify if the actual authentication in ZD was successful. The loginUser callback code seems to be using a Promise but it can't be handled apparently.

        Also, the IOS en Android code is able to catch success/failure events for the callback: https://developer.zendesk.com/documentation/zendesk-web-widget-sdks/sdks/android/advanced_integration/

        Tan13
        • Tan13
        • July 23, 2024

        Hi, I'm using Zendesk widget on web and facing the same error, I can't check for login error logs and reasons. Please send help

        Hop
        • Hop
        • July 23, 2024

        I agree with Oriol. A successful generated JWT from our app might be rejected by ZD chat system. So it would be better if we have a way to know when it happens.

        We would appreciate it if you could make this feature request come true.

        John150
        • John150
        • October 10, 2024

        Has anyone found any solutions to this problem? I am running into a similar issue. I am using a custom launcher as well which means the click to open chat may happen at the same time as the JWT/loginUser step. If I call open and loginUser too close together with the custom launcher, the chat opens and immediately closes so they can't get in. If I had a way to at least check if they are already authenticated to the Zendesk messenger, I can skip the loginUser and just open the chat at least. I don't think I can even do that though.

         

        I'm also curious is there a Zendesk log of when these login attempts fail? I want to be able to log errors when they happen, but even if we can audit a log for an id or some information to pinpoint which users had problems accessing chat we can at least fix them in our database.

        Terms & ConditionsCookie settingsAccessibility statement