# Identifying users [Guest users](#user-content-fn-1)[^1] can be identified when you first load the Frill Script, or at any time using the `identify` command. **Important** * You must provide a valid email. * Name is optional but recommended * Guest authentication will fail if: * Your Widget/Survey has user/password or SSO authentication enabled * The email is associated to an existing user/password account The simplest way to identify users is with the `container` command. Just define the user as part of your configuration. We recommend identifying with an [SSO token](#sso) when possible as it circumvents any possibe edge cases (see above) that come with guest authentication. ```js window.Frill('container', { key: 'YOUR_SCRIPT_KEY', user: { email: 'email@domain.com', name: 'my user', // optional // You can also pass custom variables (attributes and companies) when identifying users // attributes: { mrr: 100 }, // companies : [{ id: 'frill', name: "Frill.co" }] } }, }); ``` ### `Frill('identify')` If your app has client side authentication, you can identify the user using the `identify` command when they login. The `identify` command will identify the user for all active (and future) Widgets & Surveys. ```js await window.Frill('identify', { email: 'email@domain.com', name: 'my user' // You can pass custom variables here too... // attributes: { mrr: 100 }, // companies : [{ id: 'frill', name: "Frill.co" }] } }); ``` If the user logs out, you should unidentify them: ```js await window.Frill('unidentify'); ``` ### Single Sign On (SSO) You can identify SSO users by passing a signed SSO JWT instead of user details. Your company does not need to enable SSO in the platform for this to work. ```typescript window.Frill('container', { key: 'YOUR_SCRIPT_KEY', ssoToken: 'SSO_JWT_FROM_SERVER', }) // Or with the identify command await window.Frill('identify', { ssoToken: 'SSO_JWT_FROM_SERVER' }); ``` [Check out this guide for more information on setting up SSO](https://developers.frill.co/single-sign-on/quick-start) ### Custom attributes Custom attributes are a powerful way to segment your users inside of Frill. You can pass custom attributes when you identify users, just include an `attributes` and/or `companies` object alongside the user details. {% hint style="info" %} You must turn on the "**Allow custom attributes when identifying users with JS**" option from the Frill Script setup identification settings. If you're using SSO you will need to add the attributes as part of the token payload. [**Check out this guide**](https://help.frill.co/article/204-adding-custom-user-attributes-for-segmentation) for more information. {% endhint %} ```typescript await window.Frill('identify', { email: 'email@domain.com', name: 'my user' attributes: { mrr: 100, job_title: 'CEO', free_user: false }, companies : [{ id: 'frill', name: "Frill.co" }] } }); ``` ### iFrames If you're loading your Widget in an iFrame you can still identify users (including SSO) by passing the user details as a query parameter. #### **Guest users** You can authenticate guest users by passing their details as the `user` query parameter. The object should be encoded and must have a valid email. ```javascript // In javascript you would do const user = encodeURIComponent(JSON.stringify({ name: 'Mitch Guest', email: 'mitch+guest@frill.co' })) // And it should look like this // %7B%22name%22%3A%22Mitch%20Guest%22%2C%22email%22%3A%22mitch%2Bguest%40frill.co%22%7D ``` ```html // Then load the Widget iframe // It also works for Surveys ``` #### SSO users To identify SSO users in an iFrame, pass your signed SSO JWT as the `ssoToken` query parameter. ``` // Then load the Widget iframe // It also works for Surveys ``` [^1]: Your widget (or company) must have Guest or Anonymous authentication enabled for this to work.