Skip to main content
To authorize requests to the Customer Chat API, you’ll need a different access token than the one used for the Agent Chat API and Configuration API. Throughout the whole API documentation, we’ll refer to it as customer_access_token. Customer authorization flows allow you to receive an identity of a customer. You can do it via Cookie grant if you want to receive an identity of a single customer or via agent token grant in order to manage multiple customer identities. Cookie grant is based on the __lc_cid and __lc_cst cookies, which store your customer identity data. These cookies are protected with the Secure and HttpOnly flags, which means that one can send the cookies only via HTTPS and only specific servers can access them. The cookies are valid for 2 years, and each next call to https://accounts.livechat.com/v2/customer/token extends their lifetime. The __lc_cid and __lc_cst cookies are necessary to recognize a customer when an access token is being issued. This flow is recommended for frontend apps that support cookies, such as an app running in a web browser. Each app user has their own and unique customer identity.

Case: New customer

Use this variant to receive a new customer identity. To acquire an access token, make an HTTP POST request to the following URL:
Request Response The response is a JSON with the following parameters: The response also includes headers with the __lc_cid and __lc_cst cookies, for example:
Your web browser will automatically store and attach these cookies to future requests when you try to acquire a new access token.
Cookie grant: new customer
Sample response

Case: Existing customer

Use this option to generate a new access token for an already existing customer identity. If a customer’s token has expired, use this same request — you don’t need to create a new customer identity. To achieve that, make the same exact same request as in Case: New customer. Your entity_id, or any other customer identity data, won’t be overwritten. The web browser will attach cookies to the server allowing it to recognize you as an existing customer. You’ll get a new access token, and cookies’ lifetime will be extended, too. They will be valid for 2 years from your last request to https://accounts.livechat.com/v2/customer/token.

Case: Separating customer identity between groups

Use this option to generate a new access token for a customer (existing or a new one), but with a separate identity per group. This requires the chat_between_groups license property to be set to false. All other parameters in this request are the same as in Case: New customer.

Agent token grant

Agent token grant lets you create customer identity and use it to act on behalf of a customer. To begin, you’ll need an agent access token with the customers:own scope. You can get it via all of the agent authorization flows except for personal access tokens. Agent token grant is recommended for backend integrations. It allows you to impersonate customers and simulate that they send messages from external systems, like Facebook Messenger or WhatsApp, in Text. An integration that follows this authorization flow acts as a middleman between an external system and Text, and it has the ability to manage multiple customer identities.

Case: New customer

First of all, make a HTTP POST request to create a new customer identity by calling the following URL:
Remember to authorize your request using the Authorization header with an agent access token. Request Response The response is a JSON with the following parameters:
Agent token grant: new customer
Sample response

Case: Existing customer

Use this option to get a new access token for an already existing customer identity. Make the same request as in Case: New customer, but this time, specify entity_id to avoid creating a new identity. You can find your entity_id in the response of the request to create a new customer identity.
Agent token grant: existing customer
Sample response

Identity token grant

Identity token grant lets you transfer a customer identity from one place to another, for example transfer the identity between devices or web browsers. To begin, you’ll need a valid agent or customer access token.

Step 1: Generate an identity transfer token

First, you need to generate an identity transfer token by calling the following URL:
Remember to authorize your request using the Authorization header with an agent access token or a customer access token. Request Response The response is a JSON with the following parameters:
Identity transfer: token generation
Sample response

Step 2: Exchange the identity transfer token

After you’ve obtained an identity transfer token, you’re able to exchange it for a customer access token using the identity_transfer grant type. To do so, call:
No authorization is required for this call. Request Response The response is a JSON with the following parameters:
Identity transfer: token exchange
Sample response

Revoking tokens

Look at the Customer Accounts API specification to find more details about revoking customer tokens.

Validating the access token

The instruction on how to validate customer access token of a customer is available in the Customer Accounts API specification.

Errors

If you get stuck or an error appears, see API errors or Authorization errors.