This is a really important message about something. It could be about anything we deem important enough to tell everyone. It might have links to places, but shouldn't have any images or non-text content. Messages shouldn't be longer than two lines on normal sized layouts.
Genesys Cloud Developer CenterGenesys Cloud Developer Center
Browser storage is disabled

Your theme selection will not be remembered when you refresh the page. Please enable browser storage in the Account Switcher above to allow this setting to be remembered.

Topics
Analytics & Data Management
Authorization
Billing
Communication & Digital Channels
Overview
Journey
Collaborate Chat
Digital messaging and engagement
Digital messaging and engagement
Co-browse
Screen share
Web Chat
Digital Messaging Recipient Identifiers Messaging Media Uploads
Open messaging
Web messaging and Messenger
Web messaging and Messenger Authenticated web messaging APIs
Messenger JavaScript SDK
Messenger JavaScript SDK Examples Migrate to Messenger and enable journey tracking Third-party licenses globalFunction Configure Messenger for authenticated web messaging Local storage reference
Commands and Events
Commands and Events Auth plugin AuthProvider plugin CobrowseService plugin CobrowseVoice plugin Conversations plugin Database plugin Engagement plugin Journey plugin Knowledge plugin KnowledgeService plugin Launcher plugin MessagingService plugin Messenger plugin Toaster Plugin
Messenger Headless Mode SDK
Content Security Policy Authenticated web messaging Web messaging Guest API
Mobile Messaging
Web Deployments APIs WebMessaging APIs
External Contacts
Fax Greetings
Task Management in Work Automation
Textbots
Third Party Email and Chat Routing
Voicemail
GDPR & Privacy
Notifications & Alerts
Organization
Platform
Routing & Conversation Handling
Telephony
User & Agent Management
Resources
Announcements
AppFoundry
Genesys for Builders - Amazon Web Services Developer Blog Blueprints Changelog
Developer Applications
Developer Guides Videos
Home
|Communication & Digital Channels
|Digital messaging and engagement
|Web messaging and Messenger
|Messenger JavaScript SDK
|Commands and Events
Removed from toolbox

AuthProvider plugin

The AuthProvider plugin integrates your brand's login system into Messenger by providing your authCode and refreshToken to our Auth plugin, so it can identify each user and start an authenticated conversation.

This JavaScript plugin is authored by your web team. Add the AuthProvider plugin to your web page directly after the location where you deploy the Messenger snippet. Alternatively, use the defer keyword in your script tag to execute the AuthProvider plugin after the page is loaded.

It should contain the following commands and resolve with the data as shown in the below table.

Also see Configure Messenger for authenticated web messaging.

AuthProvider plugin commands

AuthProvider.getAuthCode

This command must contain logic related to fetching the brand's authorization code, specifically authCode and redirectUri. This command must always resolve with this data along with codeVerifier when PKCE flow is enabled. And also this command must resolves with nonce and optionally maxAge if the brand's authorization provider is chosen to be OKTA. Internally, our Auth plugin calls this command and use this data to retrieve a JWT token from the Genesys Cloud Auth API.

Resolutions:

Name

Description

Return message

Copied
Return Data
{
"authCode": <alphanumeric string>, // mandatory field
"maxAge": <Time in seconds>, // optionally required if the brand's authorization provider is OKTA
"nonce": <alphanumeric string>, // optionally required if the brand's authorization provider is OKTA
"redirectUri": <url>, // mandatory field
"codeVerifier": <alphanumeric string> //required if PKCE flow is enabled
}

AuthProvider.reAuthenticate

This command must contain logic related to handling your brand's login process. This can be as simple as calling the login() function that is bound to your login button click. This way when the user logs in again, the new authorization code is retrieved. Messenger calls this command when the current authorization code or refresh token is expired.

Resolution: Not applicable.

AuthProvider.signIn

This command is required when Step-up conversation is enabled. It must contain logic related to brand reading user credentials from the login form and trigger the login process.

Similar to AuthProvider.getAuthCode command, this command must resolve with the same data as in there. Typically, you will call the same login method that you would have already integrated with above command and resolve with appropriate data. The difference here in having sign-in command is, it will let Messenger know that the brand is not signed-in yet (although Messenger is initialized) and it can now try to sign-in later.

Auth plugin will call this command when Messenger is trying to step-up the conversation and it will wait until the tokens are retrieved. This command must publish AuthProvider.signedIn event along with the same resolved data to let Messenger know that the sign-in was successful so it can reinitialize itself.

Resolutions:

Name

Description

Events published

Return message

Copied
Return Data
{
"authCode": <alphanumeric string>, // mandatory field
"maxAge": <Time in seconds>, // optionally required if the brand's authorization provider is OKTA
"nonce": <alphanumeric string>, // optionally required if the brand's authorization provider is OKTA
"redirectUri": <url>, // mandatory field
"codeVerifier": <alphanumeric string> //required if PKCE flow is enabled
}

AuthProvider plugin events

AuthProvider.signedIn

Published when brand has signed in successfully.

Copied
Data
{
"authCode": <alphanumeric string>,
"maxAge": <Time in seconds>,
"nonce": <alphanumeric string>,
"redirectUri": <url>,
"codeVerifier": <alphanumeric string>
}

AuthProvider.signInFailed

Published when brand fails to sign-in. This will let Messenger know that something went wrong in the sign-in process so it can set the UI state accordingly.

Data: Authentication error data

Authentication with AutoStart enabled

In headless mode, when Authentication is enabled in the Messenger configuration, a WebSocket connection is automatically established to check and restore any active authenticated conversation. In this case, when AutoStart is enabled too and there is no active conversation, a new conversation is automatically started which may not be the ideal behavior. To avoid this, following setting is required in your AuthProvider plugin. This will let Messenger know to only configure the conversation session but not auto start yet.

Copied
Example
AuthProvider.data('settings', {
headless: {
configureOnly: true
}
});

Later when you are ready to start the conversation, i.e. typically when you open the Messenger, MessagingService.joinConversation command can be used which will send the JOIN event.

Genesys Cloud resourcesBeyond TrainingCommunity ForumKnowledge NetworkResource CenterStatus
App FoundryOverviewAvailable AppsContributeStyle Guide
Connect with usGithubTwitterDeveloper ForumDeveloper BlogGenesys BlogDevCast Newsletter
Copyright © 2025 Genesys. All rights reserved.
Terms of Use | Privacy Policy
On this page

Privacy Settings

This site uses cookies and related technologies, as described in our privacy policy, for purposes that may include site operation, analytics, enhanced user experience, or advertising. You may choose to consent to our use of these technologies, or manage your own preferences. Learn more here