Secure Mode

Secure Mode enables identity verification to protect your customer’s information and conversation history.

It provides an additional layer of security to Beacon’s live chat by preventing malicious agents from impersonating legitimate users.


To enable Secure Mode you’ll first need to generate a SHA-256 HMAC code on your server.

In the examples below, the “secret_key_from_beacon_config” is found in your Beacon settings in Help Scout. Once you’re in the Beacon Settings, head to the Contact tab and enable the “Support history security” toggle. Your secret key will be revealed. Make sure to Save at the bottom of the page.

The Rails and PHP examples below show you how to create the HMAC singature directly in your server-side template file. The rest of the examples show you how to create the signature on your server-side script, which you will then need to pass as the signature attribute of the Beacon('identify') call in your template, like so:

window.Beacon('identify', {
  name: '{ user_name }',
  email: '{ user_email }',
  signature: '{ signature }',


window.Beacon('identify', {
  name: "<%= escape_javascript( %>",
  email: "<%= escape_javascript( %>",
  signature: "<%=


window.Beacon('identify', {
  name: <?php echo json_encode($user->name); ?>,
  email: <?php echo json_encode($user->email); ?>,
  signature: "<?php
    echo hash_hmac(


import hashlib
import hmac
import base64

For Python 2.x use:
message = bytes("").encode('utf-8')
secret = bytes("secret_key_from_beacon_config").encode('utf-8')

For Python 3.x use:
message = bytes('', 'utf-8')
secret = bytes('secret_key_from_beacon_config', 'utf-8')

signature = base64.b64encode(, message, digestmod=hashlib.sha256).digest())


using System;
using System.Security.Cryptography;

private static string HashHmac(string message, string secretKey)
  System.Text.Encoding encoding = System.Text.Encoding.UTF8;
  using (HMACSHA256 hmac = new HMACSHA256(encoding.GetBytes(secretKey)))
    var msg = encoding.GetBytes(message);
    var hash = hmac.ComputeHash(msg);
    return BitConverter.ToString(hash).Replace("-", "").ToLower();

var signature = HashHmac("", "secret_key_from_beacon_config");


import crypto from 'crypto'

const signature = crypto
  .createHmac('sha256', 'secret_key_from_beacon_config')