Commit Graph

562 Commits

Author SHA1 Message Date
Gabriel Jablonski
188119317e
chore: allow non-admin to call setup_channel_provider and add localization (#90)
* chore: allow non-admin to call `setup_channel_provider` and add localization

* feat: allow agents to setup channel provider for assigned inboxes and handle unauthorized access
2025-07-29 17:43:57 -03:00
gabrieljablonski
4f0b5cd595 Merge branch 'main' into chatwoot/develop 2025-07-16 09:37:08 -03:00
Tanmay Deep Sharma
61d10044a0
feat: Whatsapp embedded signup (#11612)
## Description

This PR introduces WhatsApp Embedded Signup functionality, enabling
users to connect their WhatsApp Business accounts through Meta's
streamlined OAuth flow without manual webhook configuration. This
significantly improves the user experience by automating the entire
setup process.

**Key Features:**

- Embedded signup flow using Facebook SDK and Meta's OAuth 2.0
- Automatic webhook registration and phone number configuration
- Enhanced provider selection UI with card-based design
- Real-time progress tracking during signup process
- Comprehensive error handling and user feedback


## Required Configuration

The following environment variables must be configured by administrators
before this feature can be used:
Super Admin Configuration (via
super_admin/app_config?config=whatsapp_embedded)

- `WHATSAPP_APP_ID`: The Facebook App ID for WhatsApp Business API
integration
- `WHATSAPP_CONFIGURATION_ID`: The Configuration ID for WhatsApp
Embedded Signup flow (obtained from Meta Developer Portal)
- `WHATSAPP_APP_SECRET`: The App Secret for WhatsApp Embedded Signup
flow (required for token exchange)
![Screenshot 2025-06-09 at 11 21
08 AM](https://github.com/user-attachments/assets/1615fb0d-27fc-4d9e-b193-9be7894ea93a)


## How Has This Been Tested?

#### Backend Tests (RSpec):

- Authentication validation for embedded signup endpoints
- Authorization code validation and error handling
- Missing business parameter validation
- Proper response format for configuration endpoint
- Unauthorized access prevention

#### Manual Test Cases:

- Complete embedded signup flow (happy path)
- Provider selection UI navigation
- Facebook authentication popup handling
- Error scenarios (cancelled auth, invalid business data, API failures)
- Configuration presence/absence behavior

## Related Screenshots:

![Screenshot 2025-06-09 at 7 48
18 PM](https://github.com/user-attachments/assets/34001425-df11-4d78-9424-334461e3178f)
![Screenshot 2025-06-09 at 7 48
22 PM](https://github.com/user-attachments/assets/c09f4964-3aba-4c39-9285-d1e8e37d0e33)
![Screenshot 2025-06-09 at 7 48
32 PM](https://github.com/user-attachments/assets/a34d5382-7a91-4e1c-906e-dc2d570c864a)
![Screenshot 2025-06-09 at 10 43
05 AM](https://github.com/user-attachments/assets/a15840d8-8223-4513-82e4-b08f23c95927)
![Screenshot 2025-06-09 at 10 42
56 AM](https://github.com/user-attachments/assets/8c345022-38b5-44c4-aba2-0cda81389c69)


Fixes
https://linear.app/chatwoot/issue/CW-2131/spec-for-whatsapp-cloud-channels-sign-in-with-facebook

---------

Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: iamsivin <iamsivin@gmail.com>
Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
Co-authored-by: Sojan Jose <sojan@pepalo.com>
2025-07-14 21:37:06 -07:00
Muhsin Keloth
01acbe3cda
feat: Add user attribution to Linear integration with actor authorization (#11774)
- Add `actor=app` parameter to Linear OAuth authorization URL for
consistent app-level authorization
https://linear.app/developers/oauth-actor-authorization
- Implement user attribution for Linear issue creation and linking using
`createAsUser` and `displayIconUrl` parameters
- Enhance Linear integration to properly attribute actions to specific
Chatwoot agents

**Note**
- The displayIconUrl parameter is being sent correctly to Linear's
GraphQL API (verified through testing), but there is an issues with icon
is not attaching properly.
- We might need to disconnect the integration connect again.
2025-07-01 16:49:26 +05:30
Muhsin Keloth
14ba73fc63
fix: Revoke Linear OAuth token when integration is deleted (#11838)
When users delete the Linear integration from their Chatwoot dashboard,
the access token remains valid in Linear's system. This causes the
integration to still appear as connected in Linear's UI, even though
it's been removed from Chatwoot. Users need to manually disconnect from
Linear's side to fully remove the integration.


https://www.loom.com/share/5c102cbdf02e49bcb7a6fa6d409b531a?sid=0c664250-c867-4fc8-b44d-e1c1165337a7
2025-07-01 13:31:02 +05:30
Shivam Mishra
b26862e3d8
feat: notion OAuth setup (#11765)
Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
2025-06-26 19:16:06 +05:30
Sivin Varghese
cc8866a84e
feat: Sync Popular Articles locale with widget locale (#11754)
# Pull Request Template

## Description

This PR includes the following improvements:
* **Popular Articles Locale Selection based on Widget Locale**
  * Implements priority-based locale matching:
    * Exact locale match (e.g., "fr" === "fr")
    * Base language match (e.g., "fr" when selected is "fr_CA")
    * Variant match (e.g., "fr_BE" when selected is "fr")
* Removes default locale fallback - if no locale match is found, popular
articles section is hidden.
    
* Fixed **API** filter issue where the locale parameter was previously
ignored

* Hides Popular Articles section completely when no locale match is
found and Only shows relevant articles in the user's language


* **RTL Direction Handling Improvements**
* Now directly reads the `lang` attribute from HTML element `<html
lang="en">` instead of relying on `.locale-switcher` and sets direction
attribute based on language.

* Adds `data-dir-applied` attribute to prevent overlapping direction
settings between global helpers and components (eg case: Insert article
in editor dashboard)

* Update `IframeLoader.vue` to Composition API and improve the **dir**
logic

Fixes 
1.
[CW-4505](https://linear.app/chatwoot/issue/CW-4505/popular-articles-not-displayed-based-on-user-locale-in-live-chat),
https://github.com/chatwoot/chatwoot/issues/11745
2. RTL direction is not working in widget article view after merging
this PR https://github.com/chatwoot/chatwoot/pull/11692

## Type of change

- [x] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)

## How Has This Been Tested?

### Loom video

**Popular Articles**

https://www.loom.com/share/7cecbaaa77eb48e19263398b6ba8ddef?sid=a2452b8e-7d7e-46a3-b5c8-aed5ab5bc801

**RTL improvements**

https://www.loom.com/share/3ccad77174a0412097e802641df5f3e0?sid=e10ac57f-5c49-4084-84d3-5ad58aee54fa

## Checklist:

- [x] My code follows the style guidelines of this project
- [x] I have performed a self-review of my code
- [x] I have commented on my code, particularly in hard-to-understand
areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [x] I have added tests that prove my fix is effective or that my
feature works
- [x] New and existing unit tests pass locally with my changes
- [ ] Any dependent changes have been merged and published in downstream
modules

---------

Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
2025-06-24 19:52:44 +05:30
Shivam Mishra
f6dbbf0d90
refactor: use state-based authentication (#11690)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
2025-06-18 17:39:06 +05:30
Sojan Jose
16dbcabaac
feat: Enable super admin deletion of agent bots (#11748)
## Summary
- Allow super admins to remove agent bots
2025-06-17 15:41:29 -07:00
Muhsin Keloth
f4381e3b5d
feat: Add activity messages for linear actions (#11654) 2025-06-13 11:57:11 +05:30
Gabriel Jablonski
3cd273d2d0
chore: fix issues with specs and provider disconnect (#67)
* chore: fix issues with specs and provider disconnect

* test: add expects
2025-06-12 12:14:54 -03:00
Alex808r
0d05a07aa7
fix: Prevent display_name reset when updating password (#10374)
Fixes #10372

---------
Co-authored-by: Pranav <pranavrajs@gmail.com>
2025-06-11 19:05:30 -04:00
Pranav
4a83e70158
fix: Avoid throwing 406 for non-json requests (#11701)
Users get confused between app routes and API routes. Instead of hitting
/api, they append /app in the API call, which ends up calling the
dashboard controller and throws an error. To fix this, we added a check
to throw a 406 Not Acceptable for non-HTML requests. But Meta requires
Accept: \*/\* to return 200 for the integration to be accepted.

This change will only throw an error for JSON requests.

Fixes #11697
Fixes https://github.com/chatwoot/chatwoot/issues/11251
Fixes https://github.com/chatwoot/chatwoot/issues/11205
2025-06-10 15:12:32 -04:00
gabrieljablonski
b990ca9570 Merge branch 'main' into chore/merge-upstream 2025-06-09 19:49:48 -03:00
Sojan Jose
10363e77ad
chore: Add region option to Dialogflow integration (#11510)
## Summary
- support region option when configuring Dialogflow integration
- connect to region endpoint when set
- use session identification based on the region

Fixes: https://github.com/chatwoot/chatwoot/issues/4129
2025-06-05 20:01:17 -05:00
Sojan Jose
273c277d47
feat: Add conversation delete feature (#11677)
<img width="1240" alt="Screenshot 2025-06-05 at 12 39 04 AM"
src="https://github.com/user-attachments/assets/0071cd23-38c3-4638-946e-f1fbd11ec845"
/>


## Changes

Give the admins an option to delete conversation via the context menu

- enable conversation deletion in routes and controller
- expose delete API on conversations
- add delete option in conversation context menu and integrate with card
and list
- implement store action and mutation for delete
- update i18n with new strings

fixes: https://github.com/chatwoot/chatwoot/issues/947

---------

Co-authored-by: iamsivin <iamsivin@gmail.com>
Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
Co-authored-by: Pranav <pranavrajs@gmail.com>
2025-06-05 15:53:17 -05:00
Cayo P. R. Oliveira
a3effacc21
Feat: improve read receipts (#56)
* feat: add store in additional_attributes to conversation model

* feat: set default mark_as_read to true in additional_attributes for conversation params

* fix: remove mark_as_read from additional_attributes in conversation

* refactor: move message read logic to mark_messages_as_read method in ConversationsController

* feat: add 'Mark messages as read' option to WhatsApp channel settings

* feat: add 'mark_as_read' option in factorie  for WhatsApp channel

* feat: integrate Checkbox component for 'mark as read' option in WhatsApp settings

* fix: ensure 'mark_as_read' option is included in channel creation payload

* feat: add 'Mark as read' settings for WhatsApp inbox, including UI and state management

* chore: remove redundant content update test from IncomingMessageBaileysService spec

* feat: update 'Mark as read' label to 'Read receipts' and replace Checkbox with Switch component in WhatsApp settings

* fix: handle potential nil value for 'mark_as_read' in provider config

* feat: refactor provider config to streamline channel creation with 'mark_as_read' option

* feat: add test for MESSAGE_READ event dispatch in update_last_seen action

* fix: update subheader for 'Mark as read' setting to read receipt behavior in WhatsApp

* feat: update mark_messages_as_read behavior to handle false value in provider config

* chore: update label for 'Mark as read' option

* feat: update update_last_seen to send WhatsApp read receipt for WhatsApp channels

* test: remove MESSAGE_READ event dispatch tests in wrong file

* feat: enhance update_last_seen behavior for WhatsApp channel to conditionally dispatch messages.read event

* feat: update update_last_seen to dispatch messages.read event

* test: refactor update_last_seen tests

* chore: refactor to ensure provider_service responds to read_messages before ensure the mark_as_read provider config

* test: enhance #read_messages with provider config mark_as_read expected behaviors

* chore: clarify test names and remove useless expect

---------

Co-authored-by: gabrieljablonski <contact@gabrieljablonski.com>
2025-06-03 23:28:15 -03:00
gabrieljablonski
0317803b7c Merge branch 'main' into chore/merge-upstream 2025-05-30 11:03:07 -03:00
Shivam Mishra
b3a76289cc
feat: use tracking pixel for article view count (#11559) 2025-05-29 17:01:38 +05:30
Sojan Jose
873cfa08d8
feat: Ability to reset api_access_token (#11565)
Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
Co-authored-by: iamsivin <iamsivin@gmail.com>
Co-authored-by: Shivam Mishra <scm.mymail@gmail.com>
2025-05-29 14:42:13 +05:30
Shivam Mishra
b1120ae7fb
feat: allow searching articles in omnisearch (#11558)
Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
2025-05-28 13:50:50 +05:30
Sojan Jose
c2d8e2ad77
feat: move Slack config to installation settings (#11548)
- enable Slack Configuration via InstallationConfig
- list Slack integration in super admin settings
2025-05-23 01:07:35 -07:00
Cayo P. R. Oliveira
21133c3383
feat: mark unread conversations (#49)
* feat: add MESSAGES_UNREAD event and implement unread action in ConversationsController

* feat: rename MESSAGES_UNREAD event to CONVERSATION_UNREAD and update unread action in ConversationsController

* feat: implement send_unread_conversation method and update conversation_unread event handling

* feat: add test for dispatching conversation.unread event in ConversationsController

* feat: add conversation_unread event handling in ChannelListener

* feat: add send_unread_conversation method and corresponding tests in Whatsapp channel

* feat: add logging for nil last_message in send_unread_conversation method

* feat: add send_unread_conversation to error handling methods

* feat: implement send_unread_conversation method with logging for nil last_message

* fix: add nil check and logging for last_message in send_unread_conversation method

* fix: update conversation_unread method to call unread_conversation instead of send_unread_conversation

* refactor: rename send_unread_conversation to unread_conversation and update method implementation

* refactor: rename send_unread_conversation to send_unread_messages and update implementation to handle multiple messages

* refactor: rename send_read_messages to read_messages and send_unread_messages to unread_message for clarity

* refactor: rename send_read_messages to read_messages and send_unread_messages to unread_message for clarity

* refactor: rename send_read_messages to read_messages for consistency
2025-05-22 11:52:03 -03:00
Sojan Jose
8697a30dc5
feat: Ability to access user tokens via Platform API (#11537)
- Add Platform API for generating user tokens 
- Add the swagger documentation.

---------

Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
Co-authored-by: Pranav <pranav@chatwoot.com>
2025-05-22 11:30:04 +05:30
Vishnu Narayanan
df7401f71c
fix: account email validation during signup (#11307)
- Refactor email validation logic to be a service
- Use the service for both email/pass signup and Google SSO
- fix account email validation during signup
- Use `blocked_domain` setting for both email/pass signup and Google
Sign In [`BLOCKED_DOMAIN` via GlobalConfig]
- add specs for `account_builder`
- add specs for the new service

---------

Co-authored-by: Sojan Jose <sojan@pepalo.com>
2025-05-20 20:45:39 -07:00
Sivin Varghese
ccb3672ff8
fix: Status not updating when creating a Linear issue (#11523) 2025-05-20 16:04:56 +05:30
Gabriel Jablonski
ba14d51d23
Merge branch 'fazer-ai/main' into chore/merge-upstream 2025-05-18 11:43:18 -03:00
Sivin Varghese
d0611cb7f2
feat: Improve CSAT responses (#11485)
# Pull Request Template

## Description

This PR introduces basic customization options for the CSAT survey:

* **Display Type**: Option to use star ratings instead of emojis.
* **Message Text**: Customize the survey message (up to 200 characters).
* **Survey Rules**: Send surveys based on labels — trigger when a
conversation has or doesn't have a specific label.

Fixes
https://linear.app/chatwoot/document/improve-csat-responses-a61cf30e054e

## Type of change

- [x] New feature (non-breaking change which adds functionality)

## How Has This Been Tested?

### Loom videos

**Website Channel (Widget)**

https://www.loom.com/share/7f47836cde7940ae9d17b7997d060a18?sid=aad2ad0a-140a-4a09-8829-e01fa2e102c5

**Email Channel (Survey link)**

https://www.loom.com/share/e92f4c4c0f73417ba300a25885e093ce?sid=4bb006f0-1c2a-4352-a232-8bf684e3d757

## Checklist:

- [x] My code follows the style guidelines of this project
- [x] I have performed a self-review of my code
- [x] I have commented on my code, particularly in hard-to-understand
areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [x] I have added tests that prove my fix is effective or that my
feature works
- [x] New and existing unit tests pass locally with my changes
- [ ] Any dependent changes have been merged and published in downstream
modules

---------

Co-authored-by: Pranav <pranavrajs@gmail.com>
2025-05-16 14:18:52 +05:30
Sojan Jose
a4c7b73888
fix: Manage Twilio SMS channel via inbox API (#11457)
- Currently Chatwoot manages Twilio Inbox creation in a separate
controller , We want to move this to inboxes api so that we have a
unified API for inbox related changes

---------

Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
2025-05-15 12:28:54 +05:30
Pranav
27430752b5
feat: Allow agent bots to update custom attributes in accessible conversations (#11447)
Previously, agent bots weren’t allowed to edit custom attributes in
conversations. But with AI, it’s now more feasible to return accurate
and useful attributes. Since there’s no strong reason to block this,
this PR enables bots to update custom attributes.

Fixes https://github.com/chatwoot/chatwoot/issues/11378
2025-05-08 20:11:02 -07:00
Cayo P. R. Oliveira
c6e505e924
feat: mark message as read (#43)
* feat: implement send_read_messages method for WhatsApp channel

* feat: implement messages_read event handling and dispatch for conversations

* feat: enhance messages_read handling to include last_seen_at and conversation context

* feat: update last_seen handling to reference agent_last_seen_at for messages read event

* chore: fix rebase

* feat: update error handling

* feat: update send_read_messages to mark received messages as not sent by the user

* test: controller spec

* test: channel listener

* test: channel and provider

---------

Co-authored-by: gabrieljablonski <contact@gabrieljablonski.com>
2025-05-08 11:07:57 -03:00
Shivam Mishra
c87b2109a9
feat: allow auto resolve waiting option (#11436) 2025-05-08 12:52:17 +05:30
Shivam Mishra
b533980880
feat: Add support for minutes in auto resolve feature (#11269)
### Summary

- Converts conversation auto-resolution duration from days to minutes
for more
granular control
- Updates validation to allow values from 10 minutes (minimum) to 999
days (maximum)
- Implements smart messaging to show appropriate time units in activity
messages

###  Changes

- Created migration to convert existing durations from days to minutes
(x1440)
- Updated conversation resolver to use minutes instead of days
- Added dynamic translation key selection based on duration value
- Updated related specs and documentation
- Added support for displaying durations in days, hours, or minutes
based on value

###  Test plan

- Verify account validation accepts new minute-based ranges
- Confirm existing account settings are correctly migrated
- Test auto-resolution works properly with minute values
- Ensure proper time unit display in activity messages

---------

Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
2025-05-07 00:36:15 -07:00
Gabriel Jablonski
19ad42a580
feat: dispatch to channel listener on availability change (#42) 2025-05-06 20:01:05 -03:00
Gabriel Jablonski
0f4587c740
Merge branch 'fazer-ai/main' into chore/merge-upstream 2025-05-06 16:50:51 -03:00
Pranav
7cf051aba0
fix: Show campaigns only if the feature is enabled (#11420)
If the feature is disabled (manually or due to plan changes), the
customer cannot disable the existing campaigns. This PR would fix that.

Fixes
https://linear.app/chatwoot/issue/CW-3691/fix-disable-campaigns-on-plan-downgrade
2025-05-05 19:41:28 -07:00
Gabriel Jablonski
af4ca9d974
Merge branch 'fazer-ai/main' into chore/merge-upstream 2025-05-02 19:55:54 -03:00
Sojan Jose
970e76ace8
feat: API Endpoints to update message status (#11387)
- Added an api endpoint for update message status ( available only for
api inboxes )
- Moved message status management to a service. 
- Handles case where read status arrive before delivered 

fixes: #10314 , #9962
2025-04-29 15:33:11 -07:00
Shivam Mishra
1a2e6dc4ee
feat: integrate LeadSquared CRM (#11284) 2025-04-29 09:14:00 +05:30
gabrieljablonski
a1d3d6befe test: fix spec 2025-04-25 17:16:50 -03:00
gabrieljablonski
540f67aef6 Merge branch 'fazer-ai/main' into chore/merge-upstream 2025-04-25 16:57:00 -03:00
Sojan Jose
630826baed
feat: Implement UI for Agent Bots in settings and remove CSML support (#11276)
- Add agent bots management UI in settings with avatar upload
- Enable agent bot configuration for all inbox types
- Implement proper CRUD operations with webhook URL support
- Fix agent bots menu item visibility in settings sidebar
- Remove all CSML-related code and features
- Add migration to convert existing CSML bots to webhook bots
- Simplify agent bot model and services to focus on webhook bots
- Improve UI to differentiate between system bots and account bots

## Video 





https://github.com/user-attachments/assets/3f4edbb7-b758-468c-8dd6-a9537b983f7d

---------

Co-authored-by: iamsivin <iamsivin@gmail.com>
Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
Co-authored-by: Pranav <pranav@chatwoot.com>
2025-04-16 18:02:49 +05:30
Sojan Jose
78a40114ef
feat: Use portal logo as favicon in helpcenter pages (#11289)
- Added favicon link to portal layout when logo is present
- Added tests to verify favicon behavior with and without logo
2025-04-14 19:59:56 -07:00
Vishnu Narayanan
befdfb0ae6
fix: use stricter validation to restrict gmail signups (#11285)
- use stricter validation to restrict gmail signups
2025-04-12 10:52:49 +05:30
Gabriel Jablonski
65430e4633
Merge branch 'fazer-ai/main' into chore/merge-upstream 2025-04-09 19:22:12 -03:00
Cayo P. R. Oliveira
25670564eb
feat: add message update processing in IncomingMessageBaileysService (#20)
* feat: add message update processing in IncomingMessageBaileysService

* feat: implement message update handling in IncomingMessageBaileysService

* feat: add MessageNotFoundError for handling invalid update messages in IncomingMessageBaileysService

* chore: specs for message.update events and bug fixes

* chore: refactor message update handling in IncomingMessageBaileysService

* chore: nit remove redundant comment

* chore: enhance logging for unsupported message update statuses in IncomingMessageBaileysService and disabled metrics

* chore: message status update logic with transition checks

* chore: update status mapping for PENDING to sent in status_mapper

* chore: update status_mapper comments and fix case statement for status codes

* fix: logging for unsupported message updates in update_message_content method

* test: add specs for unsupported status transitions in messages.update event

* refactor: ensure message status is reloaded before assertion in messages.update event spec

* refactor: status variable in status_mapper method

* refactor: rename status_transition_allowed method to status_transition_allowed?

* refactor: streamline message creation in specs by using let! for setup

* feat: process webhook whatsapp await response (#21)

* feat: enhance WhatsApp webhook processing and error responses handling

* chore: correct spelling of 'WhatsApp' in webhook controller specs

* refactor: rename webhook processing method and improve error handling

* chore: update error handling in WhatsApp controller specs for specific exceptions

* refactor: remove handling for StandardError in WhatsApp controller specs

* refactor: simplify perform_whatsapp_events_job method

* chore: update response status from not_found to bad_request for invalid message

* refactor: update expectations for job processing in WhatsApp controller specs
2025-04-09 19:14:38 -03:00
Muhsin Keloth
d827e66453
feat: Instagram Inbox using Instagram Business Login (#11054)
This PR introduces basic minimum version of **Instagram Business
Login**, making Instagram inbox setup more straightforward by removing
the Facebook Page dependency. This update enhances user experience and
aligns with Meta’s recommended best practices.

Fixes
https://linear.app/chatwoot/issue/CW-3728/instagram-login-how-to-implement-the-changes


## Why Introduce Instagram as a Separate Inbox?


Currently, our Instagram integration requires linking an Instagram
account to a Facebook Page, making setup complex. To simplify this
process, Instagram now offers **Instagram Business Login**, which allows
users to authenticate directly with their Instagram credentials.

The **Instagram API with Instagram Login** enables businesses and
creators to send and receive messages without needing a Facebook Page
connection. While an Instagram Business or Creator account is still
required, this approach provides a more straightforward integration
process.

| **Existing Approach (Facebook Login for Business)** | **New Approach
(Instagram Business Login)** |
| --- | --- |
| Requires linking Instagram to a Facebook Page | No Facebook Page
required |
| Users log in via Facebook credentials | Users log in via Instagram
credentials |
| Configuration is more complex | Simpler setup |

Meta recommends using **Instagram Business Login** as the preferred
authentication method due to its easier configuration and improved
developer experience.

---

## Implementation Plan

The core messaging functionality is already in place, but the transition
to **Instagram Business Login** requires adjustments.

### Changes & Considerations

- **API Adjustments**: The Instagram API uses `graph.instagram`, whereas
Koala (our existing library) interacts with `graph.facebook`. We may
need to modify API calls accordingly.
- **Three Main Modules**:
  1. **Instagram Business Login** – Handle authentication flow.
2. **Permissions & Features** – Ensure necessary API scopes are granted.
  3. **Webhooks** – Enable real-time message retrieval.

![CleanShot 2025-03-10 at 21 32
28@2x](https://github.com/user-attachments/assets/1b019001-8d16-4e59-aca2-ced81e98f538)


---

## Instagram Login Flow

1. User clicks **"Create Inbox"** for Instagram.
2. App redirects to the [Instagram Authorization
URL](https://developers.facebook.com/docs/instagram-platform/instagram-api-with-instagram-login/business-login#embed-the-business-login-url).
3. After authentication, Instagram returns an authorization code.
5. The app exchanges the code for a **long-lived token** (valid for 60
days).
6. Tokens are refreshed periodically to maintain access.
7. Once completed, the app creates an inbox and redirects to the
Chatwoot dashboard.

---

## How to Test the Instagram Inbox

1. Create a new app on [Meta's Developer
Portal](https://developers.facebook.com/apps/).
2. Select **Business** as the app type and configure it.
3. Add the Instagram product and connect a business account.
4. Copy Instagram app ID and Instagram app secret
5. Add the Instagram app ID and Instagram app secret to your app config
via `{Chatwoot installation
url}/super_admin/app_config?config=instagram`
6. Configure Webhooks:
   - Callback URL: `{your_chatwoot_url}/webhooks/instagram`
   - Verify Token: `INSTAGRAM_VERIFY_TOKEN`
- Subscribe to `messages`, `messaging_seen`, and `message_reactions`
events.
7. Set up **Instagram Business Login**:
   - Redirect URL: `{your_chatwoot_url}/instagram/callback`
8. Test inbox creation via the Chatwoot dashboard.


## Troubleshooting & Common Errors

### Insufficient Developer Role Error

- Ensure the Instagram user is added as a developer:
- **Meta Dashboard → App Roles → Roles → Add People → Enter Instagram
ID**

### API Access Deactivated

- Ensure the **Privacy Policy URL** is valid and correctly set.

### Invalid request: Request parameters are invalid: Invalid
redirect_uri

- Please configure the Frontend URL. The Frontend URL does not match the
authorization URL.
---


## To-Do List

- [x] Basic integration setup completed.  
- [x] Enable sending messages via [Messaging
API](https://developers.facebook.com/docs/instagram-platform/instagram-api-with-instagram-login/messaging-api).
- [x] Implement automatic webhook subscriptions on inbox creation.  
- [x] Handle **canceled authorization errors**.  
- [x] Handle all the errors
https://developers.facebook.com/docs/instagram-platform/instagram-graph-api/reference/error-codes
- [x] Dynamically fetch **account IDs** instead of hardcoding them.  
- [x] Prevent duplicate Instagram channel creation for the same account.
- [x] Use **Global Config** instead of environment variables.  
- [x] Explore **Human Agent feature** for message handling.  
- [x] Write and refine **test cases** for all scenarios.  
- [x] Implement **token refresh mechanism** (tokens expire after 60
days).
Fixes https://github.com/chatwoot/chatwoot/issues/10440

---------

Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Shivam Mishra <scm.mymail@gmail.com>
2025-04-08 10:47:41 +05:30
Gabriel Jablonski
659c3e7c2f chore: apply Rails/SaveBang cop (#15)
* chore: apply Rails/SaveBang cop

* fix: correct locale validation in category model spec

* fix: update save methods to avoid Rails/SaveBang cop violations
2025-04-03 23:29:24 -03:00
Cayo P. R. Oliveira
acd1e56a28 feat: baileys provider for whatsapp (#7)
* feat: baileys provider and placeholder for link device modal

* chore: drop qrcode.vue in favor of just img tag

* chore: update modal props

* feat: setup channel provider connection

* chore: update .env.example with Baileys API default configuration

* feat: add support for Baileys provider in WhatsApp events processing

* chore: rename Baileys API default host variable to DEFAULT_BAILEYS_URL

* feat: add setup and disconnect methods for Baileys channel provider in inboxes controller that will be implemented

* feat: add CHANNEL_CONNECTION_UPDATE event and include it in broadcast data preparation

* refactor: simplify channel retrieval logic in WhatsappEventsJob

* refactor: revert CHANNEL_UPDATE_EVENTS constant from ActionCableBroadcastJob

* feat: add 'baileys' as a provider option in Whatsapp channel model

* feat: add provider_connection field to Whatsapp channel model and migration

* refactor: remove unnecessary  CHANNEL_CONNECTION_UPDATE event type

* feat: implement channel provider connection with baileys API

* feat: add inbox association to Whatsapp channel model and update webhook URL handling

* feat: enhance Baileys service to handle webhook multiple event types

* refactor: simplify webhook verification logic in Baileys service

* feat: add setup channel provider call, and refactor some logic

* chore: adapt logic to new API

* refactor: fix typo

* refactor: fix import

* refactor: fix typo

* chore: add fixme comment about race condition

* fix: remove double disconnect call

* feat: implement message processing for incoming WhatsApp messages

* refactor: streamline message type determination and improve readability

* chore: increase cache key granularity

provider connection info might be updated multiple times within 1 second, so updates might be lost due to cache key not being updated. changing cache key to milliseconds solves this

* feat: add `is-loading` to buttons

* feat: update send_message method to use 'to' parameter and improve error handling

* refactor: simplify test setup and update API key in specs

* chore: add setup and disconnect channel provider specs

* test: fix spec after increase cache key granularity

* feat: handle reconnecting state on modal

* style: centered error text

* feat: advanced options on create inbox

* feat: handle new reconnecting on backend

* refactor: update inbox controller specs and leave a FIXME note

* test: add specs for Whatsapp::IncomingMessageBaileysService

* feat: add baileys configuration page

* feat: link device button when disconnected on conversation

* chore: refactor .env.example

* feat: add TODO for unimplemented methods in IncomingMessageBaileysService

* fix: correct method name and update environment variable references in WhatsappBaileysService

* refactor: simplify channel lookup by removing redundant method and handling phone number check directly

* chore: add TODO for unimplemented event processing methods in IncomingMessageBaileysService

* fix: update environment variable references in WhatsappBaileysService tests

* chore(webhook): add pt-BR translations

* chore: add pt-br translations

* chore: inboxname component margin

* refactor: inboxname computed prop

* feat: enhance WhatsApp provider connection handling and message processing

* test: inbox controller

* chore: improve baileys connection and messages handling

* test: incoming message service baileys

* refactor: update provider config validation and improve test setup for WhatsApp Baileys service

* fix: ensure only text messages are sent and update message source ID

* fix: create message

* fix: only update message on success

* test: fix broken specs

* chore: raise error on unsupported message content type

* feat: hide provider connection data from non-admins

* fix: update advanced options

* chore: move class definition

* fix: issue with send_message not returning id

---------

Co-authored-by: gabrieljablonski <contact@gabrieljablonski.com>
2025-04-03 23:28:38 -03:00
Cayo P. R. Oliveira
083bc27b1a feat: webhook inbox (#5)
* chore: exclude inbox_id from webhook update parameters

* feat: display inbox label in webhook settings

* feat: add inbox selection to webhook form

* feat: prevent updating inbox_id in webhook update

* feat: integrate MultiselectDropdown for inbox selection in webhook form

* feat: add inbox matching logic to webhook event delivery

* feat: remove unused inbox input placeholder from webhook form

* fix: MultiselectDropdown component submiting form

* feat: refine webhook parameters for create and update actions

* feat: disable URL input field when editing webhook

* chore: remove unnecessary parentheses

* chore: update webhook controller spec to ignore inbox_id and url updates

* fix: clean up JSON formatting

* fix: standardize inbox_id to inboxId in WebhookForm component

* refactor: replace LabelItem with InboxName component in WebhookRow

* chore: enhance MultiselectDropdown with button variant prop and update styling in WebhookForm

* chore: simplify MultiselectDropdown wrapper in WebhookForm component

* chore: update selectedInbox initialization to null and reorder form fields

* refactor: simplify InboxName

* chore: add dark variant styling for buttons in SCSS

* test: add inbox filtering for webhook event triggers in WebhookListener

* test: refactor webhook controller spec to use a variable for URL and improve update expectations

* feat(webhook): all inboxes option

* chore: remove dark variant styling for buttons in SCSS

* fix: bad interaction multiselectdropdown inside label

* chore: invert if

* chore: rename to assignedInbox and drop inboxId

* refactor(WebhookForm): restore div separating fields from buttons

* test: improve description

---------

Co-authored-by: gabrieljablonski <contact@gabrieljablonski.com>
2025-04-03 23:28:38 -03:00