Home > Firebase Connectivity Overview and Troubleshooting Guide
Categories: Technical Options
(Last Updated On: December 7, 2022)
Note: The information in this article is relevant for any Messaging and Live Chat customers who work in a restricted internet access environment (for example, if your business requires employees to access the network via a secure corporate VPN and/or have other firewall restrictions in place).
TeamSupport Messaging and Live Chat (formerly SnapEngage) is in the process of deploying new infrastructure components to support exciting new features (Supervisor) and to embrace new technologies in the Messaging Hub. These services are from Google Cloud, in their Firestore Platform as a Service offering.
If your staff uses TeamSupport Messaging and Live Chat in a restricted Internet access environment, your Information Technology services may require granting access to new “allowed services” for your agents and admins. If you are unsure about whether this applies to your business, please double-check with your IT Department, Network Administrator, or other internal technical resources.
- Between now and mid-November 2022: This notice is relevant for any Messaging and Live Chat customers using restricted networks who are specifically using the Supervisor feature in the Messaging Hub.
- After mid-November 2022: This notice is relevant for all Messaging and Live Chat customers using restricted networks, regardless of whether you use the Supervisor feature or not.
Your company’s IT Department/Network Administrator or related technical contacts will be the best resource to help you make any of the below updates (if necessary), as well as provide assistance in troubleshooting related matters (see testing and troubleshooting guide at the end of this article for more details).
Please work with your IT Department/Network Administrator to ensure that the following services/hosts are accessible in your network as soon as possible (if you are using Supervisor) or otherwise by November 1, 2022 for all other customers in restricted environments.
The following hosts must be accessible over HTTP:
The following hosts must be accessible over Websockets:
This configuration is usually done in your corporate firewall or web filtering network appliances; please check with your IT team for additional guidance.
What will happen if my network is blocking Firebase services? What is the impact on my Messaging and Live Chat service?
For agents and admins to continue reliably using all aspects of the Messaging Hub, it’s important to ensure that your network is not blocking access to Firebase services.
Between now and mid-November 2022, if your network is blocking access to Firebase you will experience:
- Inability to access/view Supervisor in the Messaging Hub
After mid-November 2022, if your network is blocking access to Firebase you will experience more significant impacts:
- Inability to access/view Supervisor in the Messaging Hub
- Issues receiving new chats/messages from visitors in the Messaging Hub
- Inability for agents to view all chat conversations in the Messaging Hub properly
- Other Messaging Hub elements could be impacted such as missing visitor data and other missing chat-related data
- General disruptions to the overall visitor/agent chat experience*
*Important Note About the Visitor Chat Box:
The visitor chat box itself does not need to connect to Firebase. You do not need to make any changes to your website in relation to this update.
Keep in mind that even though the visitor chat box itself is not impacted by these new services, the overall chat experience for visitors/agents will ultimately be impacted as per the above if you continue to block access to Firebase after mid-November 2022.
Can we further restrict specific URLs that are allowed and use more specific URLs/pathnames to narrow the scope?
No. By reducing the number of URLs or trying to use very specific URLs, the service can break when Google decides to change them. This can happen at any time and is not within TeamSupport’s control. Please use the more generic Firebase URLs provided above to ensure there are no disruptions to your Messaging and Live Chat service.
These Google Cloud infrastructure / Firebase services are extremely secure. They are SOC compliant. TeamSupport uses them for highly sensitive services in which data security and privacy is of the utmost importance (such as for HIPAA-compliant technology).
How did TeamSupport verify the above information regarding the specific Google Firebase services that we need to allow?
TeamSupport verified this information directly with SADA, a multi-year award-winning official Google Cloud Premier Partner. SADA has direct access to Google Cloud Platform (GCP) engineers and in-depth technical documentation.
As it pertains to ports, all should reside on port 443 (normal HTTP over SSL port).
Do my customers who chat with us on our website using this product need to update their firewalls too?
No. If your business operates in a restricted network environment, you only need to update your own company’s firewall. You do not need to have your customers update their firewalls.
Currently, the best indicator that Firebase is inaccessible is if the Supervisor “eye” icon does not appear in the upper left corner of the Messaging Hub. This is assuming that the Hub user (agent or sub-admin) has been given the correct privileges in the Permissions tab of the Admin Dashboard.
After we migrate additional technologies in mid-November 2022, other Hub elements including visitor data, messages and chats themselves will not appear if Firebase is unavailable.
If there is a suspected issue connecting to Firebase, please try the following troubleshooting steps:
- Open the developer tools in the browser that you use for the Hub.
- Select the “Network” tab.
- Filter the network traffic by entering “googleapis” (without the quotes).
- If Firebase is unavailable, you will likely see a number of entries where the Status is “(failed)”:
- The filter can be further refined by entering firestore.googleapis.com or identitytoolkit.googleapis.com:
If any of these services are blocked, then you will need to work with your IT Department or other technical resources to determine what is causing it. It’s typically a firewall or proxy that is blocking the traffic, but there can be other items as well.
Further testing can be done by “pinging” the various endpoints to help determine if the blocking is occurring at the browser or network level. Pinging can be done by opening a terminal window and entering the following command:
> ping firestore.googleapis.com
The service that is being pinged will return various data if it can be reached:
If it can’t, then something similar to the following will be shown:
Below is the list of services that can be pinged:
Note: These urls do not respond with anything that can be shown in a browser, therefore if they’re opened in a browser an error will be displayed.
If you have additional questions on any of the above information or need further guidance for testing web sockets, please contact our Support team. If you have any concerns about this update or encounter major blockers in allowing the above services, please contact Support.
Published August 5, 2022