Genesys Cloud - Main

 View Only
Discussion Thread View
  • 1.  Authenticated Web Messaging Migration

    Posted 05-22-2023 15:05

    Hi,
    I'm looking for a simple ("Idiot's guide!!") to migrating from Authenticated Chat to Authenticated Messaging. I understand the process for Chat, but it looks like the one for Messenger is way more complicated!
    I appreciate Messenger has more features, but what if I want to do a 1:1 replacement of Chat with Messenger?
    TIA for any resources!


    #DigitalChannels

    ------------------------------
    Paul Simpson
    Eventus Solutions Group
    ------------------------------


  • 2.  RE: Authenticated Web Messaging Migration

    Posted 05-22-2023 15:58

    Here is the Genesys take on it:  https://help.mypurecloud.com/articles/web-chat-to-web-messaging-migration-and-impact/

    In my opinion, it is just a lot of side-by-side comparison in the flows (with they had export/import between chat and messaging), building the configuration/deployments, and swapping out code on the website.  



    ------------------------------
    Robert Wakefield-Carl
    ttec Digital
    Sr. Director - Innovation Architects
    Robert.WC@ttecdigital.com
    https://www.ttecDigital.com
    https://RobertWC.Blogspot.com
    ------------------------------



  • 3.  RE: Authenticated Web Messaging Migration

    Posted 05-22-2023 17:58

    Thanks, Robert.
    I think you underestimate my ability to be an idiot! 😂
    In particular, I'm looking to understand the data flow between the client, the web server and Genesys (both the API and also the chat session). With Webchat, the web server could get "secure" data signed by the API (basically, converted into a JWT) so that when the data was submitted to the chat session, the session could verify that the data had not been tampered with. Does (can) web messaging work the same way? There is lots of discussion about 3rd party authentication services and integrations littering the documentation (which I accept may provide additional functionality) but at it's most basic, can / does it work the same way?



    ------------------------------
    Paul Simpson
    Eventus Solutions Group
    ------------------------------



  • 4.  RE: Authenticated Web Messaging Migration

    Posted 05-22-2023 18:46

    Not at all.  Many times, I am just going through 20 or 30 posts and just answering.  

    So, you won't get authenticated (end-to-end) unless you use Authenticated Messaging through and OpenID server.  All the API is based on https, so that comes close.  I think what you are going to have to look at is that Authenticated or you use some 3rd-party messaging platform to initiate the conversation and call the Messaging API with some sort of signing check.  The only real diagrams I know of are here:  Authenticated web messaging (genesys.cloud)



    ------------------------------
    Robert Wakefield-Carl
    ttec Digital
    Sr. Director - Innovation Architects
    Robert.WC@ttecdigital.com
    https://www.ttecDigital.com
    https://RobertWC.Blogspot.com
    ------------------------------



  • 5.  RE: Authenticated Web Messaging Migration

    Posted 05-26-2023 10:23

    Thanks again, Robert.
    I guess I was looking for a method that worked the same way as Authenticated Chat, with no external Authentication Server integration being required. (Depending on which diagram you look it, it implies that this is possible!)
    It's another case of supposed "improvements" actually making things more complicated, or removing functionality, I suppose... 😥



    ------------------------------
    Paul Simpson
    Eventus Solutions Group
    ------------------------------



  • 6.  RE: Authenticated Web Messaging Migration

    Posted 05-26-2023 13:52

    Yes, the dependence on OpenID services is a real pain.  I wish they would offer some type of step-up authentication which has been talked about.  



    ------------------------------
    Robert Wakefield-Carl
    ttec Digital
    Sr. Director - Innovation Architects
    Robert.WC@ttecdigital.com
    https://www.ttecDigital.com
    https://RobertWC.Blogspot.com
    ------------------------------



  • 7.  RE: Authenticated Web Messaging Migration

    Posted 06-01-2023 09:21

    Hey Robert, thanks again for the response.

    What do you mean by "Step-Up Authentication"? If you mean what I fear you do, then it may well provide the answer to my next question (which will not be what my customer wants!!!)

    Ok, so here is the scenario. Visitor comes to the website and authenticates using the customer's own back-end system. At this point, the customer's website "knows" with enough certainty who the visitor is. The visitor opens a Web Messaging session and passes some information, like a name etc., in the message, for display to the Agent. We need to be sure that information has not been tampered with by a bad actor, but we want it to be invisible to the visitor.

    With Authenticated Chat, the website (when it creates the Web page following the login) could use the GC API to sign the required data and pass the signed copy to the browser. The browser then sends this signed version to Genesys Cloud when opening the Chat and Genesys Cloud could check the signature.

    The concern is that with Authenticated Web Messaging, the visitor will be asked to re-authenticate within the Web Message session, even though they have already authenticated to the website.

    I hope I'm explaining the concern clearly! Can you (or anyone else) confirm whether it is possible to configure the system to not force a re-authentication?

    TIA!



    ------------------------------
    Paul Simpson
    Eventus Solutions Group
    ------------------------------



  • 8.  RE: Authenticated Web Messaging Migration

    Posted 06-01-2023 17:54

    We see step-up as a way to go from non-authenticated to authenticated so the agent can ensure they are speaking with the person they say they are.  That might be with authentication through a bot that then marks the session as authenticated so no matter where it flows in Genesys Cloud, it will show that status - much like the SRTP functionality for voice.  The Authenticated session from Web to Messaging should be no problem with the Open ID integration.  I think the main thing that is needed is to give an indication of the authenticity no matter how it was originally authenticated.  



    ------------------------------
    Robert Wakefield-Carl
    ttec Digital
    Sr. Director - Innovation Architects
    Robert.WC@ttecdigital.com
    https://www.ttecDigital.com
    https://RobertWC.Blogspot.com
    ------------------------------



  • 9.  RE: Authenticated Web Messaging Migration

    Posted 06-28-2023 11:13

    I'm my own type of idiot Paul but yes based on what I've seen so far the same JWT/token type stuff is there.  You can get basically just 3 pieces of information currently - name, email address, unique identifier (from the OpenID provider).  Anything more than that you need to send through as custom attributes which unfortunately can be tampered with to an extent.  So you have to make careful and thought out decisions on what your ID and trust process is.



    ------------------------------
    Vaun McCarthy
    ------------------------------



Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources