1) Overview
When a visitor starts a chat, the Flow Widget typically collects their name, email address,
and other details through workflow form_field or collect_info nodes.
If your application already knows who this person is — because they are logged in, have
completed an order, or you have CRM data — you can pass that information to the widget
so the chat experience is immediate and personalised.
Advanced widget configuration provides two complementary capabilities:
Visitor Context Data
Send any arbitrary key–value pairs about the visitor to appear in the operator's chat panel. Useful for account IDs, subscription plans, order numbers, CRM notes, or any internal metadata.
Pre-Fill Keys (ims_*)
Use reserved ims_-prefixed keys to populate core chat fields automatically. The workflow engine skips any form steps that are already answered, removing friction for known users.
Both features work together: you pass a single context object, and the system handles what is shown to operators versus what is used to skip workflow steps.
2) Visitor Context Data
Visitor context is a JSON object you attach to the widget embed. It is securely transmitted to the server when the visitor starts a chat session and stored against both the active session and the permanent chat log.
What operators see
In the dashboard chat panel, operators see all supplied context key–value pairs in a dedicated Visitor Context panel before and during the conversation. This gives them instant background — for example, the visitor's account tier or their last support ticket — without asking the customer to repeat themselves.
Where data is stored
Context data is persisted in two database columns (both as sanitised JSON):
activesessions.visitor_context_data— visible during the live chatchatlogs.visitor_context_data— retained on the closed chat transcript
Example context object
{
"account_id": "USR-84920",
"plan": "Pro",
"last_order": "#ORD-20241122",
"ims_username": "Jane Smith",
"ims_email": "jane@example.com"
}
Any key you supply (other than the reserved ims_* keys) is treated as
informational metadata displayed to the operator. The ims_* keys are
additionally used to pre-fill workflow fields — see section 4.
3) How to Pass Context
There are two ways to supply visitor context data. Choose whichever fits your stack.
Option A — data-visitor-context attribute
Recommended
Add a data-visitor-context attribute to your widget embed script tag.
Set its value to a JSON string. This is the simplest approach and requires no extra
JavaScript configuration.
<script
src="https://dashboard.imsupporting.com/public_FlowWidget/popover_assets/js/flowwidget.js"
data-siteid="YOUR_SITEID"
data-mode="popover"
data-visitor-context='{"account_id":"USR-84920","plan":"Pro","ims_username":"Jane Smith","ims_email":"jane@example.com"}'
></script>When generating this server-side, always HTML-encode the JSON string and use single quotes for the attribute so that double quotes inside the JSON are safe:
<?php
$context = json_encode([
'account_id' => $user->id,
'plan' => $user->plan,
'ims_username' => $user->full_name,
'ims_email' => $user->email,
]);
?>
<script
src="https://dashboard.imsupporting.com/public_FlowWidget/popover_assets/js/flowwidget.js"
data-siteid="YOUR_SITEID"
data-mode="popover"
data-visitor-context='<?= htmlspecialchars($context, ENT_QUOTES, 'UTF-8') ?>'
></script>Option B — window.imsFlowConfig object
Define a global configuration object before the widget script tag. Useful if your page generates JavaScript configuration dynamically or needs to integrate with a content-security-policy nonce.
<script>
window.imsFlowConfig = {
siteid: 'YOUR_SITEID',
mode: 'popover',
visitorContext: {
account_id: 'USR-84920',
plan: 'Pro',
ims_username: 'Jane Smith',
ims_email: 'jane@example.com'
}
};
</script>
<script src="https://dashboard.imsupporting.com/public_FlowWidget/popover_assets/js/flowwidget.js"></script>data-visitor-context
takes precedence. The visitorContext property on
window.imsFlowConfig is ignored.
4) Pre-Fill Keys (ims_*)
Any key that begins with ims_ is treated as a reserved field
by the workflow engine. When the visitor reaches a step that would normally ask for one
of these values, the step is automatically skipped — the field is answered silently using
the pre-filled value.
This means a logged-in user who is already known to your system will jump straight to the conversation, bypassing prompts like "What is your name?".
Reserved pre-fill keys
| Key | Maps to | Field names it pre-fills | Notes |
|---|---|---|---|
ims_username |
Visitor name | visitor_name, username, name |
Also used as the visitor's display name in the operator panel |
ims_email |
Email address | visitor_email, email |
Used for email notifications and chat transcripts |
ims_telephone |
Phone number | visitor_phone, phone, custom1 |
Primary phone key; takes priority over ims_phone |
ims_phone |
Phone number (alias) | visitor_phone, phone, custom1 |
Alias for ims_telephone; used if telephone is not set |
Non-reserved keys
Any key that does not start with ims_ is treated as
informational metadata — stored and shown to the operator, but not used to
skip workflow steps. Use any key name you like, for example:
account_id, plan, company, crm_ref.
Key naming rules
- Keys may contain letters, numbers, underscores (
_), and hyphens (-). - Spaces and special characters are not permitted and will be rejected by the server.
- Keys are case-sensitive:
ims_emailandims_Emailare different. Always use lowercaseims_*keys. - Values must be strings. Numbers and booleans are accepted but converted to strings automatically.
- Maximum key length: 100 characters. Maximum value length: 500 characters.
- Maximum total context object size: 20,000 characters (base64-encoded).
5) Workflow Integration
The pre-fill system works automatically with any workflow step that collects user identity
data. No change is required to your workflow configuration — if the relevant
ims_* key is present, the step is silently skipped.
Supported node types
form_fieldIf the node's field_name matches a pre-filled slot (e.g. visitor_name, visitor_email, visitor_phone), the node is skipped entirely and the workflow advances to the next step. The pre-filled value is submitted to the server transparently.
collect_infoEach field in a multi-field collect_info node is checked individually. Fields with a matching pre-fill value are skipped; remaining unknown fields are still shown to the visitor. If all fields are pre-filled, the entire node is skipped.
workflow_data_captured exactly as if the user had typed it. Operators can see
all captured data whether it came from the visitor directly or from context pre-fill.
Workflow design recommendations
- Keep data-collection nodes in the workflow even for authenticated users. The node is skipped automatically when context is supplied; it is still shown for anonymous visitors.
-
Use
form_fieldnodes withfield_nameset tovisitor_name,visitor_email, orvisitor_phoneto benefit from pre-fill automatically. -
Custom field names will not be auto-mapped to the
ims_*pre-fill keys. Stick to the documented field names or test custom mappings in the Workflow Preview tool.
6) PHP Server-Side Example
A production-ready PHP snippet that reads data from the current user session and outputs the widget with visitor context. Adapt the property names to match your application's user model.
Generic PHP
<?php
/**
* IMSupporting Flow Widget — server-side context injection.
* Place this in your page template after the user is authenticated.
*/
$widgetContext = [];
if (isset($_SESSION['user'])) {
$u = $_SESSION['user'];
// Reserved ims_* keys trigger workflow pre-fill
$widgetContext['ims_username'] = $u['display_name'];
$widgetContext['ims_email'] = $u['email'];
$widgetContext['ims_telephone'] = $u['phone'] ?? '';
// Any other keys are shown to operators as metadata
$widgetContext['account_id'] = $u['id'];
$widgetContext['plan'] = $u['subscription_tier'];
$widgetContext['company'] = $u['company_name'] ?? '';
$widgetContext['last_login'] = date('Y-m-d H:i', strtotime($u['last_login']));
}
// Encode safely for HTML attribute output
$contextJson = json_encode($widgetContext, JSON_UNESCAPED_UNICODE);
$contextAttr = htmlspecialchars($contextJson, ENT_QUOTES | ENT_HTML5, 'UTF-8');
?>
<!-- Widget embed — output near closing </body> tag -->
<script
src="https://dashboard.imsupporting.com/public_FlowWidget/popover_assets/js/flowwidget.js"
data-siteid="<?= htmlspecialchars($yourSiteId, ENT_QUOTES, 'UTF-8') ?>"
data-mode="popover"
<?php if (!empty($widgetContext)): ?>
data-visitor-context='<?= $contextAttr ?>'
<?php endif; ?>
></script>data-visitor-context attribute
only when context is non-empty. For anonymous visitors, omit the attribute
entirely rather than passing an empty object — this keeps the widget payload small
and ensures workflow form steps are shown correctly.
WordPress / WooCommerce
<?php
/**
* Add to your theme's functions.php or a site-specific plugin.
* Outputs the IMSupporting widget in wp_footer with WP user context.
*/
add_action('wp_footer', 'imsupporting_widget_output');
function imsupporting_widget_output() {
$siteid = 'YOUR_SITEID'; // replace with your site ID
$context = [];
if (is_user_logged_in()) {
$user = wp_get_current_user();
$context['ims_username'] = $user->display_name;
$context['ims_email'] = $user->user_email;
$context['wp_user_id'] = $user->ID;
$context['wp_role'] = implode(', ', $user->roles);
// WooCommerce: add last order number if available
if (function_exists('wc_get_customer_last_order')) {
$last_order = wc_get_customer_last_order($user->ID);
if ($last_order) {
$context['last_order'] = '#' . $last_order->get_order_number();
}
}
}
$attr = '';
if (!empty($context)) {
$attr = " data-visitor-context='"
. esc_attr(json_encode($context, JSON_UNESCAPED_UNICODE))
. "'";
}
echo '<script src="https://dashboard.imsupporting.com/public_FlowWidget/popover_assets/js/flowwidget.js"'
. ' data-siteid="' . esc_attr($siteid) . '"'
. ' data-mode="popover"'
. $attr
. '></script>' . "\n";
}
?>7) Security & Validation
Visitor context is transmitted as a base64-encoded JSON payload attached to the widget's initialisation URL. The server applies several layers of validation before accepting or storing any data.
Server-side validation rules
| Check | Rule | Action on failure |
|---|---|---|
| Payload size | Base64 string must be ≤ 20,000 characters | Context is silently discarded; chat continues without it |
| Base64 decode | Must be valid base64 | Context discarded |
| JSON parse | Decoded string must be a valid JSON object (not array) | Context discarded |
| Key format | Keys must match /^[a-zA-Z0-9_\-]+$/ |
Invalid key–value pairs are silently dropped |
| Value sanitisation | All values are HTML-decoded then strip-tagged; no HTML is stored | Applied automatically |
| Value length | Values truncated to 500 characters | Applied automatically |
| Max keys | Only the first 50 key–value pairs are accepted | Excess keys discarded |
What never gets exposed to other visitors
Visitor context data is tied to the individual chat session via the unique jsSessionId. It is:
- Stored per-session and never returned to client-side JavaScript after submission
- Scoped by
siteid— operators on different sites cannot see each other's visitor data - Excluded from end-user chat transcript emails — only the operator-facing dashboard displays visitor context
8) Frequently Asked Questions
Does visitor context work with the classic Chat Widget as well as Flow Widget?
Visitor context data and ims_* pre-fill keys are currently
supported in the Flow Widget only.
The classic Chat Widget does not process the data-visitor-context attribute.
What happens if I pass context for an anonymous visitor?
You can still pass non-identity context data (e.g. the page the visitor was on,
the product they were viewing, or a campaign code) for anonymous visitors.
Simply omit the ims_* keys and the workflow will display all
collection steps as usual. Your metadata will still appear in the operator panel.
Can I update the context after the widget loads (e.g. after a login)?
Context is read once when the widget initialises. If the visitor logs in after
the widget has already loaded, you will need to reload the widget (or the page)
so that the new context is picked up. For single-page applications, call
window.imsFlowWidget.reload() if the visitor's authentication state changes.
Are the skipped form steps recorded in the chat transcript?
Yes. Pre-filled values are submitted to workflow_data_captured
exactly as if the visitor had typed them. The operator's chat panel and workflow
analytics will show all captured data regardless of its source. Skipped steps
count towards workflow analytics as completed steps.
Can I use context data to conditionally route visitors in the workflow?
Not directly via context key–value pairs at this time. However, the data is
available to operators during the conversation and is stored on the chat session
for reporting. Workflow branching is controlled by the conditional
node type, which evaluates captured form fields. You can use a pre-filled
form_field to influence a downstream conditional node.
Is there a limit to how many metadata keys I can pass?
The server accepts up to 50 key–value pairs per session. The entire base64-encoded context payload must be under 20,000 characters before decoding. Individual values are capped at 500 characters each. Excess pairs or oversized payloads are silently discarded and the chat continues unaffected.
How do I test that context is being received correctly?
Start a test chat using the Workflow Preview tool in the
dashboard. Then open the chat session in the main dashboard — the Visitor Context
panel on the right-hand side of the chat view will show all received key–value
pairs. You can also query the activesessions.visitor_context_data
column directly in the database to inspect the raw stored JSON.