Zendesk support for cookie-restricted browsers (Safari, Chrome, Firefox)

Return to top

86 Comments

  • Heather Firth

    Is this fixed now? On iPhone 12 it just keeps looping back to the page.

    3
  • Valerie Nuñez

    Any updates here? I have a customer who refuses to let me close their ticket with our team until this is fixed.

    1
  • Matt Davis

    Dear ZenDesk: We have already begun the transition away from your services because of this issue. This is a one way trip that we put off for months. Our entire team has stopped recommending ZenDesk as a viable solution when people ask and have already warned others that were considering ZenDesk away - not only because of the issue but that the issue persists and has persisted this long.

    5
  • Tobias Linder

    @... @...
    Any news on that status of the fix? It' not 16 months since I opened a ticket to report that issue!

    Also I see that several people were asking the same question above and don't even get an answer which is kind of upsettting considering that this is a really serious issue that bothers our users every single day.

    0
  • Devan La Spisa
    Zendesk Community Manager

    Hello @...,

    I reached out to our product team, and I can confirm that t is currently on our roadmap to address in a more impactful manner. At this time, we are not ready to announce any hard date, but once we do, we'll be sure to publish it in our announcements section of the Community.

    Zendesk Anouncements

    Best regards. 

    0
  • Tobias Linder

    Hi @...
    Thanks for letting me know that this issue is not forgotten. Let's hope change is happening soon.

    1
  • Suzie Baunsgard

    I've been able to get firefox 87 to work with our hostmapped help center (as an end user, with a hard refresh/cache clear)

    https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/

    1
  • Watchman Monitoring

    @Devan, and Zendesk overall.

     

    What is the status of this issue?

    1
  • Tiago Soromenho

    After more than a year of no longer having Zendesk access due to this issue, even following the updated directions of the article above, I was able to get it working by doing the following:

    1) In Safari menu, select "Preferences" and then click on the last tab "Advanced" and select the last item in the bottom "Show Develop menu in menu bar."

    2) When on your Zendesk login page with the "Cookies required" warning across the top of the page, select Menu > Develop > Disable Cross-Origin Restrictions:

    3) Now click on the "Continue" link in the yellow warning box in the login page. It will ask you if you want to allow the site (likely something like support.yourdomain.tld) to allow cookies from another domain (zendesk). Say yes.  It should then return to the main sign-in page without the warning.  You can now disable the "Disable Cross-Origin Restrictions" to return Safari to its safe state, and in my case, I've been able to use Zendesk fine during that session.

    4) It does seem that I need to enable "Disable Cross-Origin Restrictions" each time I sign in, but that's only for that sign-in page. Once it reloads without the warning, I just turn the restrictions back on again.

    Not the most elegant solution, but it's better than having to keep opening another browser specifically configured with less safe settings just to be able to access Zendesk.

    Hope this helps some of you!

    1
  • Nicole Saunders
    Zendesk Community Manager

    A reminder to everyone participating here to review the Community Code of Conduct. While you are welcome to share feedback or frustrations, disparaging remarks, insulting our product managers or staff crosses the line where your post will be removed. There are real people on the other side of these screens, and we want to maintain these discussion spaces as safe for everyone.

    1
  • Tobias Linder

    @... while it is your right to remove articles that you consider disparaging, I think that Joseph Crivello's goal with his comment was in no way to insult your product managers or staff.

    We have been mentioning in this threat again and again that a helpdesk system not being compatible with the #2 most popular browser is not acceptable and nothing is happening. So it's not really surprising that people are getting angry about that fact. We need our Helpdesk to help our customers with their technical problems. So a helpdesk system that contains a bug, which keeps the user from accessing it is useless and in no way worth the $ 21'000.- annual fee I was charged this morning.

    Joseph Crivello' actually wrote in his post that this issue exists now for over a year. I checked my activities with zendesk and actually found a ticket I created on October 15, 2019 with the title "Users can't login into zendesk with Safari" (ID: 4930495)!!!


    With best regards, Tobias Linder

    0
  • Pat Beautz

    @... - Since you are so diligently monitoring this thread, how about sharing an update on when the source problem will be resolved?

    2
  • Jon Yergatian

    It will be interesting to see how quick this issue is resolved once Google Chrome removes the default support for 3rd-Party Cookies later this year. If Zendesk doesn’t resolve this issue before Google releases that update, we’ll be talking about a SaaS product that requires workaround on the #1 and #2 browsers.

    https://blog.google/products/ads-commerce/a-more-privacy-first-web/

    2
  • Caroline Kello
    Zendesk Product Manager

    Hi folks,

    We've heard the concerns about how Zendesk works with browsers that block third-party cookies. We are taking the time in 2021 to completely eliminate our use of third-party cookies across our platform. It's our intention and goal that this removes any issues introduced by browser restrictions on third-party cookies and cross-site requests.

    We know that blocking third-party cookies is a change that's being rolled out to more and more browsers, and it previously did completely break our login page on Safari for host-mapped accounts. We resolved this by implementing the Storage Access API and had to introduce some additional steps for the login process in order to comply with Safari's implementation of the Storage Access API. We've rolled out a similar Storage Access API solution to Firefox browsers for all customers.

    It has taken longer than it should have to remove the reliance of third-party cookies within Zendesk and we're treating this issue internally with a very high priority. The host mapping feature within Zendesk was designed and implemented in a way which fundamentally relies on third-party cookies to work, and therefore eliminating our use of them is not a simple change for us to make on our own. We're engaging with product and engineering teams across the company to make sure we untangle the foundation to better rebuild.

    1
  • Joseph Crivello

    Nicole —

    I have neither the time nor the inclination for insulting or disparaging people over the Internet. My message was intended to convey a valid criticism of Zendesk's practices. I urge you to listen to your customers. It is interesting and ironic that the removal of my posting is yet another example of that not happening.

    Joe

    3
  • Nicole Saunders
    Zendesk Community Manager

    We hear you. And you're right, we've not managed the product feedback conversations well for many years. It's a frustrating experience on both sides. We have a lot of work to do to build up trust and transparency with this community. 

    There are big changes coming to our community experience later this year, and the top item on the priority list is overhauling how we intake and communicate about feature requests and product feedback. We're currently working with our product operations team to redefine our policies and processes. 

    In the coming months we'll be communicating these improvements out to you, to help everyone understand what the process actually is, when you can expect to hear back about feedback you've provided, and how user feedback influences the roadmap. It has not been clear in the past, and we are striving to rectify that. 

    As we work to improve the community, we want to make sure that we're building for our users' needs. In the coming weeks, there will be a number of opportunities for community users to participate in feedback sessions and focus groups, and to provide feedback on our plans and help us to tweak those. If you are interested in participating in any of those, please subscribe to the Community Info and Announcements topic, where we will announce these opportunities. 

    0
  • Michael Bierman

    @... Thanks. It sounds like maybe there is finally some hope of a solution though the timeframe is still unclear. I don't think anyone is being particularly nasty or making personal attacks. The facts are that serious problems that were ignored for a period of years. More than once representatives of Zendesk promised that a solution was in the works and nothing happened. This isn't some minor feature enhancement that was ignored. It impacts every Zendesk customer and many of their customers in turn. It is natural there will be a little heat over that.

    You are 100% correct that zendesk needs to both fix the problem(s) and repair the trust with the community. These are not easy things to do. But they are essential things. I would say (and have in the past) that all other work should have been put aside until this was fixed. It is that crucial to Zendesk's business. I sincerely hope this time work is really happening and we will see the results sooner than later.  

    0
  • Nicole Saunders
    Zendesk Community Manager

    Hi Michael - 

    Thanks for your comment. Zendesk has made a concerted investment in our community program internally, and end-users will start to see the impacts of those investments soon. 

    We're doing listening sessions and focus groups over the next two months, and plan to roll out some initial process improvements in June. There will be some bigger changes coming in early August, and then we'll continue iterating from there. 


     

    -1
  • giecrilj

    [This link](https://support.gitlab.com/auth/v2/login/signed_in) works for me in Safari. I found out about it by using the command *Show this frame only* in Firefox.

    1
  • Peter Steinberger

    This is STILL broken, we are still getting complains about it.

    What the heck, Zendesk? This can't be so hard that it takes three years to fix?

    2
  • Krzysztof Żelechowski

    This is what happens when you make a concerted investment instead of solving the problem at hand.

    2
  • Caroline Kello
    Zendesk Product Manager

    Hey Peter 👋 Do you have more details as to where and how it's broken for you? Signing in on hostmapped accounts should work fine but if there's something our tests and monitoring are missing I'd love to find out and fix it.  

    0
  • Chet Farmer

    Good lord, what other details do you need?

    Zendesk requires cross-site cookies to work, but there's no good reason to allow those anymore. You've had YEARS to resolve this issue, and to date it's still not fixed.

    Safari on MacOS doesn't allow them by default, and users SHOULD NOT enable them if they care about privacy or ad tracking. Zendesk requiring them is not a good reason to enable them. Zendesk requiring them is a good reason to switch to something else.

    Incidentally, there's no way to allow them on iOS Safari at all, which means Zendesk is NOT USABLE on that platform without a 3rd party browser. This, too, is unacceptable.

    I'll be fully honest: we're not big enough for you to care, but this is one reason we're actively evaluating other platforms. Even in our corporate, conservative market, we're getting dinged for your inability to fix this.

     

    0
  • Tobias Linder

    Thanks @... for explaining the situation to @...

    I'm actually slightly irritated. Caroline listed all the existing issues 3 months ago and now she writes "hostmapped accounts should work fine". Is there suddenly a magic feature that solves the issue and we don't know about it and how to switch it on? Please @..., we would really like to know how to make hostmapped accounts work. Because with us it worked the last time on October 14th, 2019.

    1
  • Joseph Crivello

     

    I am blown away that Zendesk would now claim to not know what the problem is here after it has been explained and discussed in great detail over the course of years in this thread. @... seemed to explicitly acknowledge the problem in her post three months ago, but now doesn't think that there is a problem? I don't even know where to start with this. Hard to believe...

    3
  • Krzysztof Żelechowski

    Chet, did you try my work-around?

    0
  • Tiago Soromenho

    I agree that it is really ridiculous that @... seems oblivious to all the previous comments, the documentation of the issue in this thread, and the issues that so many of us continue to have.  But there might be a reason she's unaware of the painful history:

    The top / original article has been updated with instructions (for mac/safari) _that actually work_! (I just tried it out). I am now able to login with Safari, whereas it's been years since I had to use Firefox only to be able to login.

    Seems like there is now a pop-up that asks whether or not to allow Zendesk to use cookies.  The prompt is general, and doesn't share what cookies/scope that we're allowing them to access, but I would assume fairly safely that we're authorizing Zendesk to store and access cookies associated with our host-mapped domains, instead of storing them in the third party sites. If so that IS a huge improvement!

    I think the issue may be that this change was not communicated in the comments. Last comments were from @... about three months ago, and then nothing.  This fix seems newer than that -- even if the top article says it was last modified 5 months ago. I know I've tried to do what the article mentions many times since, and this pop-up feels new; I don't recall seeing it before, nor it working, certainly.  I might be wrong, and for some unrelated mysterious reason, it now works for me... (always a possibility, I suppose.)

     

    3
  • Chet Farmer

    I tested with Safari before I replied. The stated instructions don't work, and I have yet to see a workaround that is acceptable.

    0
  • Michael Bierman

    @Tiago Soromenho This is what I see on Safari (macOS) 

    If I logged out and back in I skip the extra dance back and forth (at least for now). I don't know how long lived this workaround is in Safari. 

    I do know that it does not work whatsoever in Chrome which means variants like Edge and Brave also don't work. 

    I find it appalling that zendesk has not solved this problem by now. 

    2
  • Tiago Soromenho

    @... - I also see that yellow "Cookies required to use Safari" screen when I log out, clear cookies associated with my domain, and try to log back in. (To clear only those cookies, on Safari menu, go to Preferences > Privacy. Make sure "Prevent cross-site cookies" is checked, which is what is preventing Zendesk from working properly. Click on "Manage Website Cookies" button, and on the resulting screen, type in your domain name. When it appears on the list below, click on it to select it, and click on the "remove" button.  

    With my cookies all cleared for that domain, I then click on that "Continue" button in the yellow "Cookies required to use Safari" warning box, and it then shows me a screen like this:

    When I click on "Continue" it goes back to that same screen with the same "Cookies required to use Safari". Clicking on "Continue" again gives me this pop-up:


    When I click "allow" the page behind it refreshes and now the yellow "Cookies required to use Safari" prompt disappears and I can log in.

    If I then log out, I don't get the yellow "Cookies required to use Safari" again. Although sometimes I do get it again, not sure why the inconsistency. Clicking "continue" on it, I get the "Safari Cookie Requirements" page, clicking "continue" returns to the page with the yellow warning, and clicking "continue" a third time gets me to the login page without the yellow warning nor the pop-up. Kind of silly, but that's the way it seems to be working for me.

    If I clear my cookies again for my domain, it resets everything and I have to get to that Safari "Allow" pop-up again.  It could be that this is a new Safari thing to make an exception and allow a third party site (Zendesk) to access cookies placed on another domain (mine, with the support. hostmapped subdomain.)  My Safari version is: 14.1.1 (15611.2.7.1.6, 15611) -- If it is, I don't know of a way to check and manage what those exceptions are, other than in the cookie itself (because once that cookie is removed, the prompt appears again.)

    As to Chrome, ever since I fully removed it from my Mac, it has run so much faster that I'll not consider installing it back any time in the near futures (Get a program from the Apple Store called Little Snitch and then open Chrome and Safari. You'll see that with each new window/tab, Chrome sends out data packets to 50 or destinations, to Safari's only 2 or 3.)

    Given how inconsistent this login issue is, I'd say there are certainly some flaws in its implementation, and given the history of this issue, it is unfortunately not too surprising.  But we do need to continue to provide these feedbacks because it's obvious their QA process isn't catching these flaws. I am glad, however, that there does seem to be progress (some, even if by Apple and not Zendesk.) even if the communications haven't been stellar...

    1

Please sign in to leave a comment.

Powered by Zendesk