Linking back to your app

Email and SMS notifications include a link back to your site, the "Inbox URL", which you can configure in the TalkJS Dashboard We recommend that you set up this link to leads directly to the relevant conversation.

Linking to your user's inbox

For example, if you made an inbox page on, we recommend that you give this page an optional parameter that preselects the appropriate conversation, e.g. Then, in the email settings on the dashboard, use template macros to make TalkJS build the appropriate link:{{}}.

Linking to a product or order page

You may prefer to send the user back to the page where they started the conversation. For example, if they were discussing a particular product or order, you might want to make the Inbox URL not lead back to an inbox page at all, but straight to the page about that product or order, and embed a Chatbox or Popup there. In this case, you will want to build a link that contains the appropriate product or order ID.

If you used the order ID for a conversation ID then you can use a similar URL as above:{{}}. If a conversation ID is different from the relevant order or product ID, then you may wish to add a custom field to the conversation.

For example, you could pass {"productId": "12345"} when creating the conversation and then configure the Inbox URL like this:{{conversation.custom.productId}}

Automatically logging in

If you want to make it as easy as possible for a user to log back into your site, even on different devices, you may wish to add an authentication token to the Inbox URL which automatically logs your user in.

A practical way to do this is to give the user a custom field called authToken which contains a cryptographically signed token (for example, a JSON Web Token) containing the user's ID and an expiry date. Set up the Inbox URL like this:{{}}&authToken={{user.custom.authToken}}

Then, in the backend on your inbox page, check whether a valid authToken was passed. If so, log the user in before displaying the page.

Security considerations

Please carefully consider the security ramifications of doing this. People tend to be fairly liberal with forwarding emails to others, and if an email contains an auto-login-link then they might accidentally allow others to impersonate them.

One way to mitigate this is to allow the auto-login mechanism to work on expired user sessions, but not on devices that were never seen before. This way, a user will still need to log in the first time they use your app on a new device, but they'll be automatically logged in on any device where they were logged in before, even if it's been a while.

Some TalkJS customers let users communicate in a single conversation only, if they had an invalid session but a valid authentication token. This way, users can quickly respond to messages from your app without compromising security while still being engaged to further explore your site.