Messaging Authentication: Verified email and merging existing users based on email

Zendesk introduced a new email verification flow to handle the mapping of authenticated Messaging users and exiting end-user profiles. It's a lot so let's dive in!

Messaging Authentication: Verified email and merging existing users based on email

One of the biggest feature requests for Zendesk Messaging is a way to link authenticated Messaging users to existing end-user profiles in Zendesk.

Currently, when a user interacts with the Zendesk Messaging Widget and we ask for an email address, that conversation is linked to their existing profile and the agent sees both the messaging conversation and the existing email threads in one overview.

However, when we authenticate a user in Zendesk Messaging via JWT, that same interaction will create a new profile in Zendesk for that user, regardless of an existing user with that email already available in Zendesk. The only way to currently make sure both are matched, is by making sure the external_id matches.

If you look at the Zendesk Community or at my own blog you'll notice that this let to a lot of confusion, frustration and duplicate users.

This week Zendesk finally addressed this issue and fixed it by writing one of the most complex support articles I've ever seen:

Using email identities to authenticate end users for messaging
What’s my plan? Zendesk identities are unique, which means the email identity owned by one user can’t simultaneously be owned by another user. This article explains what email identities are…
If you like this content and want to support the blog, take a look at Internal Note Plus, our paid tier with additional content.

Be careful what you wish for...

Before we dive into this new release, let me tell you what it's not:

It is not a simple way to link authenticated Zendesk users to existing end-users based on email.

So for those who hoped to be able to authenticate users and.. have the conversations show up in their profiles, well, there's more to it than just that.

Instead Zendesk starts from the concept of a Verified Email Identity. This verified status means agents can trust that the user they're talking to is the actual user and not an impersonation.

Starting from this status we can then map the scenarios and up with users linked against their existing profiles, or not.