Authenticated Visitors in the Dynamics Customer Portal
One of the key benefits of using Live Assist for Dynamics 365 is the "contact record pop" feature. What this means is that Dynamics will automatically "pop open" the contact record for a visitor engaged with an agent in a chat. In order for this to happen, however, the visitor must be authenticated.
The Customer Portal provides authentication out of the box. All that remains, then, to enable the contact record pop, is to tell Live Assist how to access the authentication data. This is done by an administrator in the Live Assist Engagement Portal.
Log in to the Engagement Portal, and navigate to the "Campaigns" tab. Beneath the campaigns list, you will see a paragraph containing several hyperlinks. Click on the link labeled "Data Sources".
You'll need to configure the Authentication Server, so click on the "Configure" button next to that item.
The Customer Portal uses oAuth 2.0 authentication (implicit), so select this item from the list of authentication types.
This will reveal some additional fields that you'll need to specify:
- Authentication Endpoint. This is where Live Assist will attempt to fetch authentication data when the chat widget runs in a separate browser window. You should specify it as follows:
- [Customer Portal Base URL]/_services/auth/authorize
- e.g. https://cafex02.microsoftcrmportals.com/_services/auth/authorize
- JWT Public Key. This is the key Live Assist will use to validate the authenticity of the provided data.
To fetch the JWT Public Key, open a separate browser, and navigate to [Customer Portal Base URL]/_services/auth/publickey (e.g. https://cafex02.microsoftcrmportals.com/_services/auth/publickey).
You will need to copy this key and paste it into the JWT Public Key field, but first, you need to remove the line-breaks. You can do this by pasting the key into a text editor, and pressing "Backspace" at the start of each line (below the first one).
Copy the key (all in one line) into the JWT Public Key field, and click "Save".
Now, Live Assist knows how to retrieve authentication data from the Customer Portal, but your chat engagement will not require authentication unless you tell it to. To do this, open your engagement ("Campaigns" > "[Your Campaign]" > "[Your Engagement]") and click "Edit" next to the "Engagement" bullet.
This will open the Engagement Studio. In the Engagement Studio, click on the "Settings" button, and toggle the switch next to "Authenticated Visitors Only". Then click "Publish".
You'll know your changes have taken effect when a visitor is redirected to the portal login page when they initiate a chat request.
After being redirected, log in as a portal user, and the chat session will begin. When an agent grabs this chat off the queue, she will see a contact record "pop" for the authenticated visitor.