Help using secure setting placeholder {{setting.name}}

Answered

August 08, 2022 18:55

I am currently creating an app for support and I am having trouble using the secure placeholder {{setting.name}}.

I am following this article: https://developer.zendesk.com/documentation/apps/app-developer-guide/using-the-apps-framework/?_ga=2.194966061.1010806308.1659961382-218685136.1659626457#using-secure-settings

I have installed the app as a private app since I know it does not work with the developer environment.

My request settings are setup as such:

var settings = {

url: "insert URL",

headers: {

Authorization: 'Basic ' + btoa("{{setting.token}}:PAT")

secure: true,

type: 'GET',

dataType: 'json',

};

Manifest is setup as such:

{

"name": "Project Name",

"author": {

"name": "name",

"email": "email@email.com",

"url": "https://d3v-phillipssafety.zendesk.com"

"defaultLocale": "en",

"private": true,

"location": {

"support": {

"ticket_sidebar": {

"url": "assets/iframe.html",

"flexible": true

}

"domainWhitelist": ["whitelistedRequestSite.com"],

"parameters": [

{

"name": "token",

"type": "text",

"secure": true,

"required": true

}

"version": "1.0",

"frameworkVersion": "2.0"

}

Thank you to whoever helps in anyway!

9 Comments

Eric Nelson
- August 09, 2022 14:02
Zendesk Developer Advocacy
Hey Mathew,

Quick review of your code and it looks good. Can you tell us more about the troubles that you're having? Is the auth header undefined or something else when received at the requests url?

Thanks!

0
Mathew Ehrenberg
- August 09, 2022 14:42
I received 401 and 403 errors from the request when the app was installed and using the placeholder. When the basic authentication is hard coded the app functions as normal. When checking the Authorization header in the console, it looks as if it is sending "{{setting.name:PAT}}" as the credentials without swapping out the placeholder resulting in the errors. I am just not sure what to change to fix it.

0
Eric Nelson
- August 09, 2022 14:57
Zendesk Developer Advocacy
It looks like the base64 encoding is happening prior to the proxy replacing the placeholder with the secure value. An easy option to fix this would be to just save the string already base64 encoded into the secure setting field. That way the encoding isn't happening prior to the request hitting the proxy.

0
Mathew Ehrenberg
- August 09, 2022 15:19
Unfortunately that didn't seem to work. The auth header came out as "Authorization: "Basic {{setting.token}}". String was already encoded as well and updated within the apps settings.

0
Eric Nelson
- August 19, 2022 12:29
Zendesk Developer Advocacy
Hey Matthew,

Sorry that I missed your response. Are you still having issues?

0
Mathew Ehrenberg
- August 19, 2022 12:50
Yeah. The possible solutions haven't worked. Are there any small details I could be missing?

0
Eric Nelson
- August 19, 2022 13:34
Zendesk Developer Advocacy
Hey Matthew,

Tough to say, I just spun up a small example repo which you can use as a point of reference / to test out the workflow.

Hope this helps!

1
Mathew Ehrenberg
- August 19, 2022 14:22
That's amazing. I'll take a look and update if I have any questions. Thank you!

0
Mathew Ehrenberg
- August 22, 2022 12:57
Seems I found the issue. The domainWhiteList property was what was giving issues. Seems I may not have the correct domain in the setting.

0

Please sign in to leave a comment.

9 Comments

Didn't find what you were looking for?