Identity Verification

Identity verification lets your agent know who the user is—enabling personalized support and persistent conversations.

What You Get

Feature	Anonymous	Verified
Chat	✅	✅
Conversation history	❌	✅
Personalized by name	❌	✅
User-specific actions	❌	✅

How It Works

User logs into YOUR app
Your backend mints a Crow identity token (JWT signed with your Crow secret)
Your frontend calls window.crow('identify', { token })
Widget now knows who the user is

This is not your app’s session JWT. It’s a separate Crow-scoped identity token that your backend mints specifically for Crow. Your app JWT stays private.

1. Get Your Secret

app.usecrow.ai/deploy → copy Verification Secret Add to your backend environment:

CROW_VERIFICATION_SECRET=your_secret_here

Never expose this secret in frontend code.

2. Create Backend Endpoint

const jwt = require('jsonwebtoken')

app.get('/api/crow-token', authMiddleware, (req, res) => {
  const token = jwt.sign(
    {
      user_id: String(req.user.id),  // Required
      exp: Math.floor(Date.now() / 1000) + 3600,  // Required: 1 hour
      email: req.user.email,  // Optional
      name: req.user.name,  // Optional
    },
    process.env.CROW_VERIFICATION_SECRET,
    { algorithm: 'HS256' }
  )
  res.json({ token })
})

JWT Payload

Field	Type	Required	Description
`user_id`	string	Yes	Unique user identifier
`exp`	number	Yes	Expiration (Unix timestamp)
`email`	string	No	User’s email
`name`	string	No	Display name

3. Identify in Frontend

React SDK (Recommended)
Script Tag

Pass getIdentityToken to CrowWidget or CrowCopilot. The SDK calls it on mount and auto-refreshes when the token expires — no manual polling needed.

import { CrowWidget } from '@usecrow/ui';

function App() {
  return (
    <CrowWidget
      productId="YOUR_PRODUCT_ID"
      apiUrl="https://api.usecrow.org"
      getIdentityToken={async () => {
        const res = await fetch('/api/crow-token');
        const { token } = await res.json();
        return token;
      }}
    />
  );
}

That’s it. No useEffect, no setInterval, no window.crow('identify') calls.

async function identifyToCrow() {
  const res = await fetch('/api/crow-token', {
    headers: { Authorization: `Bearer ${yourAuthToken}` }
  })
  const { token } = await res.json()
  
  window.crow('identify', { token, name: userName })
}

// Call after login or on page load if already logged in
identifyToCrow()

// Refresh every 50 minutes (token expires in 60)
setInterval(identifyToCrow, 50 * 60 * 1000)

4. Handle Logout

React SDK
Script Tag

Logout is handled automatically — when the component unmounts or the user navigates away, the session is cleared.

function handleLogout() {
  logout()
  window.crow('resetUser')
}

Always call resetUser on logout to clear the previous user’s session.

Troubleshooting

Issue	Solution
User not identified	Check secret matches dashboard, `user_id` is string
Token invalid	Check `exp` is in future, algorithm is HS256
History not persisting	Call `identify()` on page load, not just after login

Get Started

Setup

Agent

Knowledge Base

Integration

Monitor

What You Get

How It Works

1. Get Your Secret

2. Create Backend Endpoint

JWT Payload

3. Identify in Frontend

4. Handle Logout

Troubleshooting

Get Started

Setup

Agent

Knowledge Base

Integration

Monitor

Documentation Index

​What You Get

​How It Works

​1. Get Your Secret

​2. Create Backend Endpoint

​JWT Payload

​3. Identify in Frontend

​4. Handle Logout

​Troubleshooting

What You Get

How It Works

1. Get Your Secret

2. Create Backend Endpoint

JWT Payload

3. Identify in Frontend

4. Handle Logout

Troubleshooting