botBrains keeps track of your users by default. You can annotate additional user data via the Web SDK. New data will always overwrite old data.

Annotate Users

$botbrains.push(["set", "user.data", {
	first_name: "Liam",
	last_name: "van der Viven",
	email: "[email protected]",
	phone: "+4915168433056"
}]);

Arbitrary Data

You can also annotate custom values with the external_attributes JSON.

<aside> ⚠️

The total JSON size of external_attributes must be below 8KB.

</aside>

$botbrains.push(["set", "user.data", {
	first_name: "Liam",
	last_name: "van der Viven",
	email: "[email protected]",
	phone: "+4915168433056",
	external_attributes: {
		"plan": "basic",
		"joined_on": "2024-01-01"
	}
}]);

Session Continuity

A session allows users to retrieve their past conversations.

By default, botBrains enables session continuity within the same browser and all subdomains. This means a user that goes to your landing page on www.acme.com and then signs into app.acme.com will still be identified as the same user.

You can opt-in to cross device session continuity by manually the user via the user.identify action in the SDK.

User Identificiation

<aside> ⚠️

User Identification must be implemented correctly on your part. Make sure to read the Security section to learn how.

</aside>

$botbrains.push(["do", "user.identify", ["user_123456789", {
	first_name: "Liam",
	last_name: "van der Viven",
	email: "[email protected]",
	phone: "+4915168433056",
	external_attributes: {
		"plan": "basic",
		"joined_on": "2024-01-01"
	}
}]]);

The user_123456789 key here is what we call the external_id of a user. Two users with the same external_id will be able to reach each others conversations.

🚨 Security 🚨 - READ THIS

<aside> 🚨

Not following these recommendations make the conversations of your users vulnerable to impersonation. botBrains does not take responsibility for misconfigured systems.

</aside>

Since we allow you to explicitly set if users are the same or different and thus retrieve sensitive information such as past conversations, we need to be careful in choosing the external_id. You have two options:

  1. User-Specific Secret

    Randomly generate an id, store with your user and sent to your frontend. Do not use or leak this anywhere.

  2. Verified User ID (✅ Recommended)

    Possibly known ID that is added with a signature of a shared secret of your backend and the botBrains Platform.