×

HubSpot chat with logged-in visitors

/ CRM, Hubspot / By

How to Use HubSpot to Chat With Logged-In Visitors

Using Hubspot to chat with logged-in visitors lets you identify who is on your site, pull their CRM data into conversations, and deliver highly personalized support or sales messaging in real time.

This guide explains how the logged-in visitor feature works, how to configure it, and how to safely pass data into your chatflows.

What the HubSpot Logged-In Visitor Feature Does

The logged-in visitor feature in HubSpot is designed for websites and apps that require visitors to sign in. When implemented correctly, it allows you to:

  • Recognize known users when they start a chat.
  • Automatically associate chats with CRM contacts.
  • Display personalized messages using contact properties.
  • Control what data is exposed in chat for security and privacy.

To enable this behavior, HubSpot relies on a special token that your backend generates and passes to the chat widget when a user is authenticated.

How HubSpot Identifies Logged-In Visitors

HubSpot does not automatically know who is logged in to your site. Instead, you securely tell HubSpot who the visitor is by creating a signed token on your server and passing it into the chat embed code.

The high-level process is:

  1. Visitor logs in to your site.
  2. Your server verifies their identity.
  3. Your server generates a JSON Web Token (JWT) with key user details.
  4. The token is signed with a secret key shared with HubSpot.
  5. Your frontend passes this token to the HubSpot chat widget.
  6. HubSpot validates the token and links the visitor to the correct CRM contact.

This approach ensures that only your trusted backend can assert user identity, preserving security while enabling personalization.

Requirements Before You Start in HubSpot

Before you configure chat for logged-in visitors, make sure the following are in place:

  • Your HubSpot account has chatflows enabled.
  • The HubSpot tracking code or chat widget is installed on your site or app.
  • Your website has an authentication system (login) you control.
  • Your development team can generate JWTs on the server.

Because this feature touches authentication and tokens, developer support is essential.

Configure HubSpot for Logged-In Visitor Chat

The next step is to configure the setting in your portal that allows HubSpot to accept and validate the token from your website.

Step 1: Access Chatflow Settings in HubSpot

  1. Sign in to your HubSpot account.
  2. Navigate to your Chatflows settings area.
  3. Open the chatflow you want to use with logged-in visitors.
  4. Go to the configuration section that controls visitor identification and targeting.

Different chatflows can share the same logged-in visitor configuration, but you should confirm settings for each one that will be used in a private or authenticated area of your site.

Step 2: Enable Logged-In Visitor Identification

Within your chatflow settings, look for the logged-in visitor or authentication section. There you can:

  • Turn on support for identifying logged-in visitors.
  • View or manage the secret key needed to sign your JWTs.
  • See examples of how to construct the token that HubSpot expects.

Keep your secret key safe, and do not expose it in any client-side code. All signing must happen on your server.

Implement the HubSpot Token on Your Server

Your backend must generate a JWT that HubSpot can validate. The token structure is critical for correct identification and for linking to CRM records.

Step 3: Build the JWT Payload for HubSpot

The JWT payload typically includes:

  • User identifier (such as email or a user ID that matches a CRM property).
  • Expiration time to limit how long the token is valid.
  • Optional properties that you want to pass into HubSpot, such as name or subscription level.

The exact fields and mapping should follow the technical specification provided in the official HubSpot documentation for logged-in visitors.

Step 4: Sign the Token With the HubSpot Secret

When the payload is ready, your server signs it using the secret key configured in your HubSpot settings. Common steps include:

  1. Select a JWT library for your server language (Node.js, Python, Ruby, PHP, etc.).
  2. Load the secret from a secure environment variable.
  3. Sign the payload using the algorithm recommended by HubSpot.
  4. Return the resulting token to your frontend after successful login.

This signed token is what your frontend will pass into the chat widget so HubSpot can connect the visitor to the correct contact.

Connect the Token to the HubSpot Chat Widget

After login, your frontend needs to initialize or update the chat widget with the JWT so HubSpot can treat the user as authenticated.

Step 5: Pass the Token to HubSpot on the Client

On the client side, you update your chat embed code to include the logged-in visitor token. General guidelines are:

  • Initialize the chat widget only after your app knows the user is authenticated.
  • Call the HubSpot API or script method that accepts the JWT.
  • Update the token whenever the user logs out or logs back in.

This ensures that the chat interface reflects the correct identity as users move between public and private areas of your site.

Step 6: Test the Logged-In Visitor Experience

Once the integration is in place, test carefully:

  • Log in as a test user, open a page with the chat widget, and start a chat.
  • Check the associated contact in your CRM to confirm the transcript is attached.
  • Verify that personalization tokens in chat messages correctly pull contact data.
  • Log out and confirm that HubSpot no longer treats the visitor as logged in.

Repeat with multiple test accounts to make sure mapping and identification are consistent.

Using HubSpot Data for Personalized Chatflows

Once logged-in visitors are identified, you can use CRM data in your chatflows for more relevant conversations.

Personalize Messages in HubSpot Chatflows

Inside your chatflow editor, you can:

  • Insert personalization tokens that reference contact properties.
  • Branch chat logic based on lifecycle stage, plan type, or other fields.
  • Pre-fill forms or skip questions when data already exists in HubSpot.

This reduces friction and helps your team deliver context-aware support.

Route Conversations Using HubSpot Contact Data

Chatflows for logged-in visitors can also route based on CRM details. For example:

  • Send VIP customers to a priority support team.
  • Route leads with high deal value to a specific sales queue.
  • Direct existing customers to a customer success or onboarding team.

Because contacts are already identified, HubSpot can evaluate these rules automatically as the chat begins.

Security and Privacy Considerations in HubSpot

When you use logged-in visitor chat, you are linking real user identities to live conversations. Treat this configuration with care.

  • Sign tokens only on the server; never expose the secret in client code.
  • Set short token expirations and refresh them on each login.
  • Pass only the data that is necessary for your chatflows.
  • Review internal access to chats and CRM data inside HubSpot.

By following these practices, you maintain trust and comply with common privacy expectations while still leveraging powerful personalization.

Next Steps and Additional Resources

To go deeper into advanced chat setup beyond this overview, you can work with a HubSpot-savvy consultancy. For broader CRM, automation, and implementation help, consider engaging partners such as Consultevo for strategy and technical guidance.

For the most current technical requirements, supported payload fields, and code samples, always refer directly to the official HubSpot logged-in visitors guide, and coordinate closely with your development team to ensure a secure and reliable implementation.

Need Help With Hubspot?

If you want expert help building, automating, or scaling your Hubspot , work with ConsultEvo, a team who has a decade of Hubspot experience.

Scale Hubspot

“`

Verified by MonsterInsights