Auth for Chat
Introduction
Secure token-based authentication system
Overview
PerformChat uses a secure token-based authentication system to protect your users' conversations. This guide explains how authentication works, how to generate tokens, and best practices for implementation.
How Authentication Works
PerformChat uses JWT (JSON Web Tokens) for authentication. Every chat session requires a valid token that:
- Identifies the user (customer_user)
- Associates the session with your company
- Specifies which AI agent to use
- Defines permissions for the session
- Has a limited lifetime for security
Security Model
graph TB
A[Your Application] -->|1. User logs in| B[Your Backend]
B -->|2. Request token with API Key| C[PerformChat API]
C -->|3. Validates API Key| D[Database]
D -->|4. Returns validation| C
C -->|5. Creates customer_user| D
C -->|6. Generates JWT token| B
B -->|7. Returns token| A
A -->|8. Uses token for chat| E[PerformChat Widget/SDK]
style A fill:#e3f2fd
style B fill:#fff3e0
style C fill:#e8f5e9
style D fill:#fce4ec
style E fill:#f3e5f5