Identifying Users

To expose the journey of a specific user and to track the same user across multiple devices, Plumbr can identify users. The identity can take any form that the application handles. Typical examples are the user's username or email address.

User identity is automatically linked to a transaction in applications where Plumbr is capable of determining the location of the identity. In cases where Plumbr fails to detect the identity automatically, you can configure the location of the identity yourself.

By default, Plumbr supports the following frameworks for capturing identity:

  • JWT Bearer tokens. If your application passes the identity of the user in the HTTP request headers using JWT Bearer tokens, Plumbr will use the value of the subject extracted from the token as the identity of the user.
  • Spring Security. If the application monitored by Plumbr uses the authentication built into the Spring Security library, Plumbr will extract the user’s identity from security.core.userdetails.UserDetails.getUsername().
  • Java Authentication and Authorization Service (JAAS). If the application Plumbr is monitoring stores the principal instances in the HTTP Session, Plumbr will extract the identity from security.Principal.getName().

The JWT Bearer token approach can be used for applications monitored only by Plumbr Browser Agents. Spring Security and JAAS detection works only in settings where the application is monitored by the Java Agent (regardless of whether the Browser Agent is used).
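What reading the subject from a JWT Bearer token involves, as an added example that is not Plumbr's own code: the function names, the sample token and its claims are constructed for illustration. The token's signature is not checked here, so the returned value is only a label for monitoring data, and whatever the application puts in `sub` (often an email address) ends up stored with that data.

```javascript
// Added illustration; not Plumbr's implementation.

// Decode one base64url segment of a JWT to a UTF-8 string, or null if the
// segment contains characters outside the base64url alphabet.
function decodeSegment(segment) {
  if (!/^[A-Za-z0-9_-]+$/.test(segment)) return null;
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  return Buffer.from(b64, 'base64').toString('utf8');
}

// Return the `sub` claim carried in an Authorization header value, or null
// when the header is absent, is not a Bearer credential, or is not a
// well-formed three-part JWT with a non-empty string subject.
// The signature is NOT verified: never use the result for authentication.
function subjectFromAuthorizationHeader(headerValue) {
  if (typeof headerValue !== 'string') return null;
  const match = /^Bearer\s+(\S+)$/i.exec(headerValue.trim());
  if (!match) return null;

  const parts = match[1].split('.');
  if (parts.length !== 3) return null; // header.payload.signature

  const json = decodeSegment(parts[1]);
  if (json === null) return null;

  let claims;
  try {
    claims = JSON.parse(json);
  } catch (e) {
    return null; // payload is not JSON
  }
  if (claims === null || typeof claims !== 'object') return null;
  return typeof claims.sub === 'string' && claims.sub !== '' ? claims.sub : null;
}

// Build a constructed sample token (made-up claims, placeholder signature).
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return [enc({ alg: 'HS256', typ: 'JWT' }), enc(claims), 'c2lnbmF0dXJl'].join('.');
}

const sampleHeader = 'Bearer ' + makeSampleToken({ sub: 'alice@example.com', iat: 1700000000 });
console.log(subjectFromAuthorizationHeader(sampleHeader)); // alice@example.com
```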

If Plumbr has not been able to detect the user’s identity, you can help it locate the identity by configuring an Identity Detection Rule. The steps needed to achieve this are explained in the following chapter.