Recent searches
No recent searches
'secure' type parameter doesn't save
Posted Oct 15, 2024
Hi,
I've built a custom app that makes simple calls to the Zendesk API. I'm using the Zendesk API with a token instead of directly on my Zendesk instance, as when doing it directly it follows the user restrictions.
The problem we're having is that agents without access rights to all tickets (only to their own groups), can't change customer data, such as language, resulting in our dynamic content not properly working.
Therefore I created a custom app which makes it able to change the language of a customer through the Zendesk API.
In the custom app I've added a configuration field, called API token.
"parameters": [
{
"name": "admin_email",
"type": "text",
"required": true,
"secure": false,
"default": "admin_email@example.com"
},
{
"name": "api_token",
"type": "text",
"required": true,
"secure": true
}
]
When installing this app through zcli, I'm asked to input the value for api_token, which I do.
And also in the app configuration, I'm able to input the token. In both cases, the field shows empty in the app config, but maybe that's just how it works for secure fields?
But here it is: when doing API call with that token, I get an error stating that the token is not present. So the parameter is not filled at all.
Some additional logging:
// Fetch the API token and admin email from the app parameters
client.metadata().then(function (metadata) {
const apiToken = metadata.settings.api_token;
const adminEmail = metadata.settings.admin_email;
// Log to check if the API token is present
if (apiToken) {
console.log("API Token is present:", apiToken);
} else {
console.error("API Token is missing or not saved correctly.");
}
And this logging also tells me that the API token is not present.
When I save my token as not secure (secure = false), the token does get saved and the app works. But of course it's saved as plain text, which is not what I want.
0
2 comments
Greg Katechis
client.request()
method, which is the only way secure settings will work. You'll see that documented here and if you scroll up right above that, it will show you how to use this correctly.Let me know if you have any other questions!
1
James Peterson - Eastern Logic
Just to add on, it is expected that secure settings will show as blank in the admin page, and there is no way to retrieve the token via the settings. It's meant to be entirely obfuscated from the client and only works in the client.request() with secure: true as Greg mentioned.
1