Remove Authentication from the Widget
Joe Scanlon
Right now, some users need to log into Marker.io to see the widget on a website. We want to remove this requirement and let teams decide exactly who gets access.
How It Could Work
Teams could choose who sees the widget, without requiring a Marker.io login. Options might include:
- Everyone
- Only internal team members
- Only logged-in users on the website
- Only people with a special invite link
- Only visitors from a specific country or region
- Only on certain pages etc
Log In
Joe Scanlon
Merged in a post:
Widget Identity Verification via Token
Emile-Victor Portenart
Summary:
Implement identity verification via a token in the widget snippet code instead of using cookies.
Description:
Currently, our system uses cookies to identify and log in users to their accounts within the widget on your website. By switching to a token-based authentication method, users will be automatically logged into their accounts in the widget without needing to log in manually. This change will also resolve issues where the login button is not visible on mobile devices and browsers that block cookies.
Benefits:
- Automatic Login:Users are automatically logged in, enhancing the user experience.
- Improved Compatibility:Resolves issues with login buttons not appearing on mobile and in cookie-blocked browsers.
S
Steve Iribarne
This is a very important for us because I CANNOT put this on our production servers because of the PII information you will store in the cookie (ie email address). I believe if you use a token, then there in no Personal Identifiable Information that will be stored on your site and I can put in on my production server.
Emile-Victor Portenart
Steve Iribarne: Interesting. Thank you for letting us know. I believe we'll still store the email in our feedback as it'd be the only way for your devs to go back to your reporter. I guess Anonymous feedback ( https://marker-io.canny.io/feature-request/p/collect-anonymous-feedback ) would work perfectly for your use case? Or do you still want to collect the email in your Jira issue BUT not in Marker.io?