[Must do] Set an identity (authentication)

This is the developer guide for the Support SDK v1 for Android. For Support SDK v2, see Support SDK v2 Android.

Before you can initialize and use the Support SDK, ensure that you have already configured your app in Zendesk Support, integrated the SDK, and initialized the SDK.

Each instance of your application has to authenticate as a Zendesk Support user to access Help Center or to submit tickets to Zendesk Support. You can choose between two types of authentication:

  • Anonymous access
  • JWT authentication

To determine which option is best for your organization, see Authentication decision in the SDK integration checklist.

On the Zendesk Support side, an administrator must enable the chosen option in the admin interface. If you're a Zendesk Support admin, see Registering the application in Zendesk Support.

Note: The Zendesk Support SDK is intended for end-users only. Authenticating with an agent email address will cause a 403 authentication error. Please be aware of this when testing your integration.

Authenticate using an anonymous identity

Use this option if you do not know, or do not need to know, the details of your end-user.

Use the following code after the ZendeskConfig statement that initializes the SDK in your app's Application class onCreate() method.

Identity identity = new AnonymousIdentity.Builder().build();
ZendeskConfig.INSTANCE.setIdentity(identity);

Authenticate using an anonymous identity (with COPPA compliance)

If you need to comply with the Federal Trade Commission's Children's Online Privacy Protection Act (COPPA) the Support SDK can block the name and email from being sent with the user's identity. Compliance with COPPA only applies when you authenticate using an anonymous identity.

Use the following code after the ZendeskConfig statement that initializes the SDK in your app's Application class onCreate() method.

ZendeskConfig.INSTANCE.setCoppaEnabled(true);

Identity identity = new AnonymousIdentity.Builder().build();
ZendeskConfig.INSTANCE.setIdentity(identity);

After setting the setCoppaEnabled property, identifying data is ignored even if you provide it.

Adding identifying information to your anonymous identity

You can choose to add your end-user's name, and/or email address to the identity you create. There are some important points to note when you make this decision.

  • Including an email address in the anonymous identity will ensure that any new tickets will be linked to that profile in Zendesk Support.
  • End-users will only ever see the tickets they created on that device via the Support SDK.
  • Tickets created using an anonymous identity will be flagged with warning to agents, so that they know that the end-user was not logged in when the ticket was created for them.

Authenticate using an anonymous identity (with details)

If you know your end-user's name and/or email address, you can include them in the identity. This will group requests created via the Support SDK with any others they have in Zendesk Support if the details match.

This option does not allow your end-user to see or update any requests created anywhere other than on their current device. This is because an anonymous identity is an untrusted one.

Use the following code after the ZendeskConfig statement that initializes the SDK in your app's Application class onCreate() method.

Identity identity = new AnonymousIdentity.Builder()
        .withNameIdentifier("John Bob")
        .withEmailIdentifier("johnbob@example.com")
        .build();
ZendeskConfig.INSTANCE.setIdentity(identity);

Authenticate using your JWT endpoint

You must meet the following requirements to use JWT authentication:

  • Your organization can build and maintain a dedicated JWT endpoint for the Support SDK. See Building a dedicated JWT endpoint for the Support SDK in the Zendesk Help Center

  • Your organization has a user database and a way for the endpoint to query it. Zendesk Support will pass a unique identifier to the JWT endpoint and wait for your system to look up the user in the database and send a response that the user is known and trusted

  • Your mobile application has access to the unique identifier used to look up the user in the database. The identifier can be whatever you want to use in the query.

A good example of a unique identifier is a user's access token that your app has after your user signs in. We don't recommend using something predictable like an email address or user id.

Here's the authentication flow (enlarge):

Use the following code after the ZendeskConfig statement that initializes the SDK in your app's Application class onCreate() method.

...
Identity jwtUserIdentity = new JwtIdentity("JWT User Identifier");
ZendeskConfig.INSTANCE.setIdentity(jwtUserIdentity);
...

Your service has to provide the following required parameters: Name and Email.

A good example of a JWT user identifier is a user's access token that the app will have after your user logs in. We don't recommend using something predictable like email or user id.