Secure Mode

Secure Mode enables identity verification to protect your customer’s information and conversation history.

It provides an additional layer of security to Beacon’s live chat by preventing malicious agents from impersonating legitimate users.

Usage

To enable Secure Mode you’ll first need to generate a SHA-256 HMAC code on your server.

In the examples below, the “secret_key_from_beacon_config” referenced is found in your Beacon settings in Help Scout. To find your secure key:

  1. Head over to Manage ➝ Beacon, then click the Contact tab in the left hand sidebar.
  2. Under the Contact Form section, you will find the Support history security setting.
  3. Clicking the toggle button will reveal the key. Be sure to click Save to save your settings and key.

The Rails and PHP examples below show you how to create the HMAC signature directly in your server-side template file. The rest of the examples show you how to create the signature on your server-side script, which you will then need to pass as the signature attribute of the Beacon('identify') call in your template, like so:

window.Beacon('identify', {
  name: 'user_full_name',
  email: 'user_email',
  signature: 'signature',
})

Rails

window.Beacon('identify', {
  name: "<%= escape_javascript(user.name).html_safe %>",
  email: "<%= escape_javascript(user.email).html_safe %>",
  signature: "<%=
    OpenSSL::HMAC.hexdigest(
      'sha256',
      'secret_key_from_beacon_config',
      user.email
    )
  %>"
})

PHP

window.Beacon('identify', {
  name: <?php echo json_encode($user->name); ?>,
  email: <?php echo json_encode($user->email); ?>,
  signature: "<?php
    echo hash_hmac(
      'sha256',
      $user->email,
      'secret_key_from_beacon_config'
    );
  ?>"
})

Python

import hashlib
import hmac
import base64

"""
For Python 2.x use:
"""
message = bytes("email@email.com").encode('utf-8')
secret = bytes("secret_key_from_beacon_config").encode('utf-8')

"""
For Python 3.x use:
"""
message = bytes('email@email.com', 'utf-8')
secret = bytes('secret_key_from_beacon_config', 'utf-8')

signature = hmac.new(secret, message, digestmod=hashlib.sha256).hexdigest()

C#.NET

using System;
using System.Security.Cryptography;

private static string HashHmac(string message, string secretKey)
{
  System.Text.Encoding encoding = System.Text.Encoding.UTF8;
  using (HMACSHA256 hmac = new HMACSHA256(encoding.GetBytes(secretKey)))
  {
    var msg = encoding.GetBytes(message);
    var hash = hmac.ComputeHash(msg);
    return BitConverter.ToString(hash).Replace("-", "").ToLower();
  }
}

var signature = HashHmac("email@email.com", "secret_key_from_beacon_config");

NodeJS

import crypto from 'crypto'

const signature = crypto
  .createHmac('sha256', 'secret_key_from_beacon_config')
  .update(user.email)
  .digest('hex')