Help Scout Secure Mode

Hey Bubblers,

Does anyone know how to implement Help Scout’s Secure Mode on their beacon to see previous conversations?

Here’s the link to the API: Secure Mode | Help Scout Developers



1 Like

Hey @johnny

Did you ever figure out this thing?

Nope, but I’m just trying stuff. I contacted Help Scout, they said:

What you said is correct: in order to implement Secure Mode in Beacon, you’ll need to add a bit of code to generate a unique signature for each of your customers. But it needs to be generated on the server-side, so that your secret key is not exposed to your clients. I’m not too familiar with, but if they provide some sort of module to execute code on the server-side and print the results to the front-end, you should be able to integrate Secure Mode with it. Otherwise, I’m afraid it would not be possible to implement it reliably.

I then contacted Bubble about server sided action and they said:

Thanks for reaching out! Server-side code execution is certainly possible on Bubble. For more details on server-side action, see our user manual. Here’s also a relevant forum thread that might be helpful.

At this point, I’m just trying to make sense of it.


If any technical Bubblers would like to jump in I’d appreciate it :blush:


Hey @johnny

Like generate a random string? I think it should be possible via backend workflows right?

Have you tried a plugin like this: sha256 hash backend Plugin | Bubble

Or this: Base64 Hash & HMAC Encryptor Plugin | Bubble

Maybe that would help? :man_shrugging:t2:

1 Like

Hey, Bubble plugin let you run server side action + you can directly write the nodejs code there, even you can import help scout nodejs Library their.

Ooh, that looks promising— I’ll try that and report back what I find


Hey @J805 and @johnny

But how would you use any of the plugin to get what Help Scout wants?

Because Help Scout says this in their docs:

To enable Secure Mode you’ll first need to generate a SHA-256 HMAC code on your server.

I’ve never really touched any of the programming languages they give examples of on their docs, so I’m not too familiar with what to actually put to generate the signature they want. I reached out to Help Scout to see.

1 Like


Here is the sample API that you would be creating using JavaScript:

Beacon('identify', {
  name: 'Steve Aoki',
  email: '',

Your signature will be generated from the plugin.

Does that help?

You would be using this data: Beacon JavaScript API | Help Scout Developers

I’m just not sure what the signature should contain

Maybe share a screenshot of where you are getting stuck? :man_shrugging:t2: It’s hard for me without pictures since I’m very visual. :blush:

Screen Shot 2022-03-31 at 9.19.17 PM

I sent a note to Help Scout to see if they can provide clarification. I can’t tell if the signature is supposed to be the user email in SHA256 format or if there’s something more needed…

1 Like

Hey @johnny

But in the Help Scout documentation they say that you need the key from the Beacon: Secure Mode | Help Scout Developers

So I guess that you might need to insert the “secret_key_from_beacon_config” in that text field.

I guess you´re running the workflow on page load, right?

The Signature is a signature to verify the integrity of the data. It cannot be just a random string.

The signature needs to be generated server-side so you try use the following in Bubble.

const crypto = require('crypto');

  const signature = crypto
  .createHmac('sha256', 'context.keys["Beacon ID"]')

Currently playing around with the Javascript API, so I might release a plugin if enough people request it.

For Bubble help, reach out via Bubble Coaching | New Horizon Code for your free 30-minute coaching session.

Happy bubble’n

1 Like

Hey @newhorizoncode

Where you say “Beacon ID” I guess you´re trying to say “secret_key_from_beacon_config”, right?

Hi @ryanck,

I should have clarified; sorry about that. We are currently building a Help Scout plugin with secure mode integrated hence the context.keys.

secret_key_from_beacon_config is a beacon ID.

The beacon ID can be found in the Javascript provided during installation. It will look something like window.Beacon ('init', 'your beacon ID').

Hopefully, that clears it up.

For Bubble help, reach out via Bubble Coaching | New Horizon Code for your free 30-minute coaching session.

Happy bubble’n

Hey @newhorizoncode

Understood. Since in the documentation they say that you need to get the secret key from the Beacon configuration page when you activate the secure mode, I thought that you would need to use that key and not the beacon ID.

Then, what´s the security key Help Scout provides when activating the secure mode?

Thanks a lot.