Sam Shiles

Sure thing!

HI Eric Nelson, many thanks for getting back to me. I can confirm that the response frm '/api/v2/users/me' is not showing as 'anonomyous', the response I get is:

{
    "user": {
        "id": ,
        "url": "/api/v2/users/392459029837.json",
        "name": "Sam Shiles",
        "email": "sam@",
        "created_at": "2022-02-17T21:55:21Z",
        "updated_at": "2022-05-18T07:22:48Z",
        "time_zone": "Europe/London",
        "iana_time_zone": "Europe/London",
        "phone": null,
        "shared_phone_number": null,
        "photo": null,
        "locale_id": 1,
        "locale": "en-US",
        "organization_id": ,
        "role": "admin",
        "verified": true,
        "authenticity_token": "",
        "external_id": null,
        "tags": [],
        "alias": null,
        "active": true,
        "shared": false,
        "shared_agent": false,
        "last_login_at": "2022-05-18T07:22:48Z",
        "two_factor_auth_enabled": null,
        "signature": null,
        "details": null,
        "notes": null,
        "role_type": 4,
        "custom_role_id": 4434476582801,
        "moderator": true,
        "ticket_restriction": null,
        "only_private_comments": false,
        "restricted_agent": false,
        "suspended": false,
        "default_group_id": 4434476625553,
        "report_csv": true,
        "user_fields": {}
    }
}

HI all,

I'm a bit stumped on this one. My goal is to use the help centre articles api to display an article inline/embedded in our existing web site and I'm very close to having this working. What I have so far is:

- jwt SSO setup and working.
- secure GET of a specific article using OAUTH2 tokens
- displaying the body of the article on our site

The only thing I'm struggling with is display of images. IF the user has already signed into zendesk, it works fine. If they have not, then I'm getting a 404 back when requesting the image. No problem, I thought, it'll be because I'm missing some cookies. So I ensured our web app and our zendesk were running on the same domain and then I programictially called POST `[zendesk]/access/jwt`, intercepted the response headers, extracted the value of `_zendesk_shared_session` and set it on our app via a response from our auth service. The cookie is now being sent along with the request for the image.......still 404. 

I believe the reason for this is that POST `[zendesk]/access/jwt`, whilst responding with the session cookie I need is NOT establishing a server side session - as proven by calling `[zendesk]/api/v2/sessions` - which does not list anything with my programatic method, but does if I log in manually. I am assuming that after zendesk processes the request to POST `[Zendesk]access/jwt` another redirect is performed which then DOES establish the server side session. 

So, my question: is there anyway I can mimic the manual auth flow in order to create the server side session that then corresponds to the session identified by the `_zendesk_shared_session` cookie. 

Or is there another approach for me to seamlessly (not require the user to login twice, even if with the same credentials), that will allow me to display an image hosted on my zendesk help centre within/embedded in my web app?

Any help would be much appreciated!