Identity verification

Securely handle a visitor's own private data.


When an action returns someone's private details — their own order, booking, or account — you must be sure the visitor is that person. Mark the action "Requires a verified visitor" and IntegrioChat will only run it once the visitor's identity is verified.

While a visitor is unverified, the gated action is not even offered to the AI, so it can't be called.

Two ways to verify

1. Email code (works on any site, no setup)

The chatbot asks for the visitor's email, emails a 6-digit code, and verifies it in the chat. Once verified, the session stays verified for an hour. Sends are rate-limited to prevent abuse.

2. Signed identity (for logged-in sites)

If your site already knows who the visitor is, it can vouch for them so they don't re-verify. On your server, compute an HMAC and pass it to the widget.

  1. In the Actions tab, open Identity verification and generate a signing secret (shown once — keep it on your server).
  2. Compute HMAC-SHA256(secret, userId + "|" + email) as hex.
  3. Set it on the page before the widget loads:

window.integriochatIdentity = { userId: "USER_ID", email: "user@example.com", signature: "SERVER_COMPUTED_HMAC" };

IntegrioChat verifies the signature against your secret. If it matches, the visitor is verified.
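
An added server-side example of steps 2 and 3 in Node.js (not IntegrioChat's own code): it computes the signature, refuses a userId containing "|" because two different userId/email pairs would then produce the same signed string, and escapes "<" when writing the value into the page. Assumptions: the function names, the INTEGRIOCHAT_SIGNING_SECRET environment variable, and the verifyIdentity check, which only illustrates a constant-time comparison and is not the vendor's implementation.

```javascript
// Added example (Node.js, server side); not IntegrioChat's own code.
const nodeCrypto = require("node:crypto");

// Assumption: the secret generated in the Actions tab is supplied via this
// environment variable. The fallback is a constructed demo value only.
const SECRET = process.env.INTEGRIOCHAT_SIGNING_SECRET || "constructed-demo-secret";

// HMAC-SHA256(secret, userId + "|" + email) as lowercase hex.
function hmacHex(secret, userId, email) {
  return nodeCrypto.createHmac("sha256", secret)
    .update(`${userId}|${email}`, "utf8")
    .digest("hex");
}

function signIdentity(secret, userId, email) {
  userId = String(userId);
  // With "|" in userId, ("a|b", "c@x.io") and ("a", "b|c@x.io") would sign
  // the same string, so one user's signature would also fit another pair.
  if (userId.includes("|")) throw new Error("userId must not contain '|'");
  return { userId, email, signature: hmacHex(secret, userId, email) };
}

// Build the tag for step 3. Escaping "<" keeps a value such as "</script>"
// inside the data from closing the tag early.
function identityScriptTag(identity) {
  const json = JSON.stringify(identity).replace(/</g, "\\u003c");
  return `<script>window.integriochatIdentity = ${json};</script>`;
}

// Hypothetical receiving-side check: recompute, then compare in constant time.
function verifyIdentity(secret, { userId, email, signature }) {
  const expected = Buffer.from(hmacHex(secret, userId, email), "hex");
  const given = Buffer.from(String(signature), "hex");
  return expected.length === given.length &&
    nodeCrypto.timingSafeEqual(expected, given);
}

// Constructed sample user.
const demo = signIdentity(SECRET, "42", "user@example.com");
console.log(identityScriptTag(demo));
console.log(verifyIdentity(SECRET, demo));                                    // true
console.log(verifyIdentity(SECRET, { ...demo, email: "other@example.com" })); // false
```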

How the verified identity reaches your API

Once verified, use {{verified_email}} (or {{verified_user_id}}) in your request. These are injected on the server — the AI never sets them, so it can't substitute a different person.

https://api.yourstore.com/orders?email={{verified_email}}

Design your endpoint to scope results to the identity you receive, and reject anything else. That's what makes personal lookups safe.