Harshit Srivastava

When a resource logs into the Zendesk help center portal. His/her employee type should be fetched and the form should be per as the employee type. so that the employee does not access the other forms that are not relevant to them.

We have tried to implement custom javascript logic but the Zendesk DOM prevents the same from happening.

We have created a Zendesk application, and we need to upload an image and use the response ID in the side conversation mail API.

We have implemented the Zendesk Attachment API and are familiar with how it works. We have tested the side conversation attachment API in POSTMAN, and it works fine. However, when we try to use the same API in our Zendesk application using the Client. Request API call, we encounter the following error.  We have tried multiple things like changing the content type and debugging the uploaded file data but nothing works. Please take a look at the screenshot and sample code provided.

Following ENDPOINT we are referring: https://developer.zendesk.com/api-reference/ticketing/side_conversation/side_conversation_attachment/

https://developer.zendesk.com/api-reference/ticketing/side_conversation/side_conversation/

function uploadImage() {
 
  let files = document.getElementById("mail-body-input").files;
  const fileToUpload = files[0];
 
  const formData = new FormData();
  formData.append("file", fileToUpload);
 
  client.request({
    url: `/api/v2/tickets/side_conversations/attachments.json`,
    method: "POST",
    contentType: "multipart/form-data", // Let the browser set the content type with boundary
    body: formData,
    redirect: "follow"
  })
  .then((response) => {
    console.log("Image uploaded successfully", response);
  })
  .catch((error) => {
    console.error("Error uploading image", error);
  });
}

We need to send an SMS upon ticket creation, but our API requires a two-step process:

1. Call an API to generate a token.
2. Use the generated token to authenticate the SMS API.

Since Zendesk Webhooks don't support a two-step API call, we are looking for the best solution or approach to address this issue.

1: We have created a trigger that sends a URL to the End user via email

2: The URL redirects to {subdomain}.zendesk.com/hc/en-us/ourCSAT form with ticket ID and user ID in Url as parameters

3: In the CSAT guide page we use custom code, we use the Zendesk Admin token to call the Ticket API,
to match the ticket ID with the user ID (for URL validation purposes).

4: Once the URL is authenticated, once they fill up the feedback form, we get the data and then again call the Zendesk Ticket Update API using the Admin Email ID and token and update the ticket.

The Issue we are facing is that the token is accessible.

So basically we are using Zendesk ticket API to create a ticket in Zendesk at the time of the creation of the ticket we need to send an SMS to our customer since due to security concern our SMS API work in a three-step process(One API to create a token, 2nd to shorten the URL and last to send the sms using the token).

To face this we create a background application that works on tickets. saved event