Identify and Secure Mode

Link visitors to contacts and verify identity with HMAC signatures.

Identify and Secure Mode

Use identify to attach a browser visitor to a contact. Use secure mode when identity affects previous messages, account data, or privileged support behavior.

Basic Identify

js
RogerIQ("identify", {  email: "ada@example.com",  name: "Ada Lovelace",  company: "Analytical Engines Ltd",  jobTitle: "Founder",  plan: "pro"});

RogerIQ stores the identity locally, sends it to the widget backend, and links the visitor to a contact when possible.

Secure Mode

Secure mode requires a server-generated HMAC-SHA256 signature of the visitor email.

1

Enable secure mode

In Settings -> Widget, enable secure mode and generate a secret.

2

Generate the signature on your server

Sign the lowercase email with the secret.

3

Send the signature to the browser

Include only the signature, never the secret.

4

Call identify

Pass email and signature.

Node Example

ts
import crypto from "node:crypto";function rogeriqSignature(secret: string, email: string) {  return crypto    .createHmac("sha256", secret)    .update(email.toLowerCase())    .digest("hex");}
js
RogerIQ("identify", {  email: "ada@example.com",  name: "Ada Lovelace",  signature: "hex_hmac_from_your_server"});

Identity Events

Listen for identity-updated to know whether the backend accepted the identity.

js
RogerIQ("on", "identity-updated", (payload) => {  console.log(payload.identified, payload.verified, payload.error);});

The secure mode secret must stay on your server. If it is shipped to the browser, secure mode no longer proves identity.

Previous JavaScript API
Next Events and Sessions
Ask a question... ⌘I