Recent searches


No recent searches

No Auth Custom Object Type



Posted Jun 14, 2021

Hey team, 

Wanted to see about the feasibility of having an anonymous read-only permission on some of our object types? We had the following use case that we are trying to support. 

Use Case: User scans QR code that has URL which contains the Object ID in the params. On the HC site we fill values from the object to hidden fields on the ticket. User then submits information about the location (think bathroom, needs cleaning). The object look-up should be allowed anonymously as the user isn't required to be signed in to submit a ticket via QR scan. 

Currently we have tested 90% of this, but it appears we'd have to store some generic end-user credentials to make the call. Ideally I'd like to have an option for anonymous read-only for this, or possibly for catalog items in the future. Objects are currently updated via integration to another service, so we want to preserve the URL as opposed to having to update the URL & QR with params when values/names change. 


2

8

8 comments

image avatar

Eric Nelson

Zendesk Developer Advocacy

Hey Matt,

Sorry this one got missed until now! I think this is a great idea, I'm going to pass it along for review with the corresponding product manager. Is there anything else you want to include on this before I send it out?

Have a wonderful day!

Eric Nelson | Manager - Developer Advocacy

0


I think that's pretty much it, happy to clarify anything if there are questions. 

Best, 

Matt

0


I think, we can do a lot of good things if we have ability to allow anonymous users read (or probably do more CRUD stuff). I have to use firebase for some use-cases; if you can update permissions UI/API for custom objects to support anonymous use-cases, we can do a lot.

0


Please look at https://support.zendesk.com/hc/en-us/community/posts/5069348265242-Recently-Updated-Articles-Feed-?page=1#community_comment_5128638579738 

 

This is very good use-case where anonymous read would have helped. I implemented whole feed thing using custom objects but it works for signed_in users and require me hardcoding (a dummy end-user) credentials.

 

Why doesn't Custom Objects API respect agent/admin session on help-center pages? Why am I required to pass authorization header if I am already logged in help-center, and javascript is trying to read/write/update?

0


image avatar

Eric Nelson

Zendesk Developer Advocacy

Hey Abdul,

I've passed this along as feedback to the team that owns custom objects. I know that they're doing a lot of work on it so this may already be in the works. I'll let you know if I hear back from them confirming that.

Thanks!

0


Hey Eric, 

Currently we implemented the above use case, and are indeed blocked because there is no way to have anonymously read objects. The authenticated experience is great, but the experience would be next level with anonymous endpoints. 

I've also shared feedback that this will need to be in place if there is any hope to have Look-Up fields be end-user editable for un-authenticated support contacts leveraging objects. 

 

0


Hey team, 

Wanted to see if this was something in the works? I know the Custom Object Look-up fields are on the horizon, so wasn't sure if this would be part of that work?

Best,

Matt

0


image avatar

Greg Katechis

Zendesk Developer Advocacy

Hi Matt! I looked at the available info that I have around this and there is nothing being discussed regarding a no auth option at this point.

0


Please sign in to leave a comment.

Didn't find what you're looking for?

New post