Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Authentication using Digital Messaging

Updated on December 3, 2021

Perform customer authentication pre-chat and mid-conversation, so that customers can pass on their private data to Pega Customer Service using the underlying messaging API in digital messaging interfaces. If the customer's private data matches with the records in the database, the customer is marked as authenticated.

Pega Customer Service Implementation Guide Pega Customer Service Implementation Guide
Pega Customer Service authenticates customers in the following cases:
  • Pre-chat: When a customer who is interacting on a digital messaging interface is already logged into a website, the system authenticates the customer by passing the customer's private data to Pega Customer Service using the Messaging API. When the customer authenticates pre-chat, the CSR has the customer's account information on their screen, and the customer does not have to re-authenticate.
  • Mid-chat: When a customer is mid-chat with the bot, the system can ask the customer to authenticate by directing the customer to log in to the client-configured site.

    Customer authentication

    Icon Description
    Unauthenticated customer icon on the chat panel. When the customer is not authenticated, there is no check mark beside the customer icon on the chat panel in Interaction Portal.
    Authenticated customer icon on the chat panel. When the customer is authenticated, the system displays a check mark beside the customer icon on the chat panel in Interaction Portal.

Configuring authentication settings in App Studio

Configure authentication settings in App Studio to protect the customer's sensitive data or collect additional information about the user, by performing external authentication. For example, the customer might have an external LDAP system in which all users (the customer's customers) are stored.

Note: This option applies only to Digital Messaging interface.
If you enable the Require authentication option for any case while creating an interface, the system triggers the authentication process during the live conversation when the customer requests that case. The system starts the authentication process by sending the login URL (to which the customer is redirected) to the Messaging API.

For example, if the customer requests a Statement copy case, and if you have enabled the Require authentication option for that case, then the customer must log in with the authenticated credentials to get a statement copy.

When the customer logs into the website, the interaction is treated as authenticated for a specific amount of time (defined in channel configuration). Within an authenticated interaction, the user could call other responses requiring authentication without receiving a prompt to log in. After an interaction timeout, the system asks the user to re-authenticate.

At the beginning of the authentication process, the Digital Messaging interface generates a login URL that is sent to the Messaging API. A new token is also generated for the user.

To configure the authentication settings, such as Authentication URL, token, and the security key in App Studio, perform the following steps:

  1. On the Behavior tab of your Digital Messaging interface, in the Options section configure the following interaction and authorization settings:
    1. In the Authentication URL field, enter the URL for the external login page for verification of the end-user.
    2. In the Authentication token TTL field, enter a value for the expiration time, in minutes.
      The expiration time allows channel developers to determine how much time end users have to re-authenticate from when the login request (link) is sent. If you leave the field empty, the token never expires.
    3. Click Generate to generate an Authentication security key.
      The Authentication security key is an additional security mechanism to make the communication between Pega Customer Service and the custom login page more secure.
What to do next: To learn more about customer authentication in real-time, see Authenticating customers with their private data.


Pega Customer Service 8.7 Pega Customer Service for Communications 8.7 Pega Customer Service for Financial Services 8.7 Pega Customer Service for Healthcare 8.7 Pega Customer Service for Insurance 8.7

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us