Zendesk Secure Settings Proxy Error

Kate Culver

• April 26, 2022 21:22

We're using Zendesk's Secure Settings feature to inject our private API token into our Zendesk App. We are seeing "Proxy Error: Invalid Response" when we make a call to our API through the Zendesk Proxy (which is injecting the secure setting private API token). Our theory is that the Zendesk proxy is adding headers to our request, headers that our API doesn't allow.

 

Is this an error with the request that our Zendesk app sends to the Zendesk proxy or is the error from our API when the proxy sends the request to our API? Does the Zendesk proxy add headers to the request to our API?

 

I've included screenshots of the response and our snippet of code making the call

 

 

• Eric Nelson

  • April 27, 2022 14:40

  Zendesk Developer Advocacy

  Hey Kate,
  
  Tough to say based on the info we have. Are you experiencing this when serving the app from local during development?
  
  Thanks!
  
• Kate Culver

  • April 27, 2022 17:57

  Hi Eric,

  Yes I'm experiencing it while running the app locally using:

  zat server --app-id=

  with our app id & then entering our private API key when prompted by:

  Enter a value for optional parameter 'lomi_api_private_api_token' or press 'Return' to skip:

  Is the Zendesk proxy adding headers to the request?

• Eric Nelson

  • April 27, 2022 19:09

  Zendesk Developer Advocacy

  Hey Kate, 
   
  Zat can't actually handle secure parameters when running the app locally. We talk about it here and here, I'd suggest installing the app as a private application and see if you still run into the issue. 
  
  Thanks!
  
• Dinesh Korgaokar

  • May 05, 2022 06:51

  Hello Kate,

  can you try cors: true option in request for making  cross-origin HTTP requests 

  Thanks,

• Kate Culver

  • May 05, 2022 17:28

  Eric Nelson That explains a lot! I hadn't come across that yet, thank you!
  That's a bit frustrating that we have to deploy in order to test but that unblocks me!

   

  Dinesh Korgaokar cors: true can't be used with Zendesk Secure Settings because it cors: true bypasses the Zendesk Proxy which is what injects the Secure Setting.

• Brian Reynolds

  • June 05, 2022 14:04

  I am having this same problem. Were you able to resolve it? It seems like the error is on the Zendesk proxy server, not the external API server.

• Eric Nelson

  • June 06, 2022 14:39

  Zendesk Developer Advocacy

  Hey Brian, 
  
  Are you experiencing this when testing from locally while using secure settings like Kate?
  
• Brian Reynolds

  • June 07, 2022 11:13

  Hi Eric,

  No, I had noticed from the documentation that secure parameters cannot work through the ZCLI testing method, so this was after uploading to our environment.

  Thank you,

  Brian

• Eric Nelson

  • June 07, 2022 12:32

  Zendesk Developer Advocacy

  Hey Brian,
  
  Would you mind if we open up a ticket so that you can share your application with us?
  
  Thanks!
  
• Brian Reynolds

  • June 07, 2022 16:59
  • Edited

  Hi Eric,

  Figured it out! The domainWhitelist in the manifest was incorrect. I had only added "domain.com" and it requires "subdomain.domain.com." That one change fixed it.

  Thank you,

  Brian

• Eric Nelson

  • June 07, 2022 17:19

  Zendesk Developer Advocacy

  Glad to hear you got it sorted? Let us know if you need anything else.
  

Please sign in to leave a comment.