Recent searches

No recent searches

"Zendesk for Teams App" requires too many critical permissions

image avatar

Josef Prandstetter

Zendesk Luminary

Posted Mar 23, 2022

We are highly interested using your Zendesk for Teams App, especially because of the features that are planned for the future.

We were able to convince our IT administration that they met the required permissions for a temporary demo - however, we immediately received feedback that all of these permissions could not be granted permanently.

  1. Is there any documentation on which of the permissions are only intitially required for the initial setup and can be revoked afterwards.
  2. Are there plans for future versions to use fewer permissions?
  3. Does the app only work if all permissions are provided or can they be revoked individually and then a certain function is no longer available?
  4. If yes: Which features are not available when permission X is revoked from the app after installation?

1

2

2 comments

Date

    Official

    image avatar

    David Gillespie

    Zendesk Product Manager

    Hi Josef Prandstetter,

    Thanks for flagging and we appreciate the concerns. 

    These permissions are required for the core functionality of the app to work. Whilst we appreciate that there are a lot of permissions, the app has a lot of features and for the features to work they require access to specific data.

    Please note that the integration doesn't store any customer or user personal information, any Teams message data or any Zendesk Ticket data. The requested data is used to process messages or streamline interactions.

    See responses to your specific questions:

    1. There is no documentation for this. If permissions are revoked then features will stop functioning.
    2. There aren't plans for this at the moment, but we have captured your feedback on this.
    3. Certain features require specific permissions. We need to work with the developer (Softserve) to confirm the specific list, if they can be revoked individually and what the impacts would be.
    4. See comment above.

    Thanks,

    David

    0

    image avatar

    Braden

    We've also noticed that the ZenDesk Sales app is requesting tenant-wide admin consent in Office 365 for email integration, which implies read/send permissions for all mailboxes in our organization. This raises security concerns, given that only a few individuals use the app.

    I was seeking clarification on whether this broad permission is intentional or if there's a more specific option available. But this page tells me there isn't a more specific alternative currently. I hope that you will consider one in the future.

    0

    Please sign in to leave a comment.

    Didn't find what you're looking for?

    New post