Recent searches


No recent searches

Kirsten Wilson's Avatar

Kirsten Wilson

Joined Mar 15, 2023

·

Last activity Jan 07, 2025

Zendesk Product Manager

Following

0

Followers

0

Total activity

22

Votes

0

Subscriptions

11

ACTIVITY OVERVIEW

Latest activity by Kirsten Wilson

Kirsten Wilson commented,

Community comment Feedback - Ticketing system (Support)
Hey Alex, thank you for taking the time to provide us with this feedback! 
 
This is a great feature request and I have added it to the backlog for future consideration. This means that we will think about adding it as a priority later in our planning cycle. We are going to leave this post open for comment to allow others to provide their feedback and use cases, however please note as is stated in our Community Guidelines that we can not commit to prioritizing any one piece of feedback we receive in the community. 
 
Thank you again for your feedback and for being a valuable customer with Zendesk.

View comment · Posted Jan 07, 2025 · Kirsten Wilson

0

Followers

0

Votes

0

Comments


Kirsten Wilson commented,

CommentGlobal security and user access

Hi Iris, hopefully your agent was able to get signed in but if you are still having some trouble please create a ticket so that we can take a further look. In most cases when a recovery code is generated for a team member and it expires or no longer works, you would repeat the steps mentioned above to generate a new code. 

View comment · Posted Jan 06, 2025 · Kirsten Wilson

0

Followers

0

Votes

0

Comments


Kirsten Wilson commented,

Community comment Feedback - Ticketing system (Support)
Hi Molly, 
At this time there is no way to identify which end users have 2FA enabled but the team is looking into adding the ability for admins to enforce it in the future. Stayed tuned for updates as we continue to make additional improvements. 

View comment · Posted Sep 18, 2024 · Kirsten Wilson

0

Followers

0

Votes

0

Comments


Kirsten Wilson created an article,

ArticleAnnouncements
Announced on Rollout starts Rollout ends
September 25, 2024 October 21, 2024 April 2025

We’re excited to announce new protections that Zendesk is bringing to your account to prevent unauthorized access. Your private data is a crucial resource and a valuable target for malicious actors. With this update, we will greatly increase the security of that data by preventing new and unknown devices from connecting to your account through agent logins without approval. 

Starting on October 21, 2024, we will be introducing two-step verification (2SV). As part of our ongoing commitment to provide a secure and reliable environment for our customers, we are implementing this feature to enhance account security. This will be rolled out over an extended period from late October through April 2025 to ensure a smooth transition for all our valued customers.

This announcement includes the following topics:

What is changing?

Customers who have Zendesk authentication turned on will be automatically enrolled in 2SV. When customers sign in from a new device, 2SV will prompt them to enter a 6-digit code they must retrieve from the primary email address on file before they can sign into their account. 

We will prompt customers to enter this code when they sign into their Zendesk account from a device we have not seen them use before. If the agent does not receive the email with the passcode, they can request that their administrator retrieve a recovery code on their behalf. If you currently do not have Zendesk authentication turned on but decide to turn it on in the future, 2SV will automatically be turned on on your account.

Why is Zendesk making this change?

Zendesk is making this change to better align with security best practices and industry standards. In today’s security climate, relying on a password as your only authentication method is not enough, and having a second method of authentication helps ensure that the credentials being used are connected to a valid user.

What do I need to do?

To prepare for this change, administrators should inform agents to verify that they are able to access the primary email address on file. If they cannot access that email inbox, they must update it to one that they can access prior to 2SV being enabled on their account. 

If you have feedback or questions about this announcement, visit our community forum, where we collect and manage customer product feedback. For general assistance with your Zendesk products, contact Zendesk Customer Support.

 

 

Edited Sep 25, 2024 · Kirsten Wilson

5

Followers

5

Votes

0

Comments


Kirsten Wilson commented,

Community comment Feedback - Ticketing system (Support)

Hello everyone, thank you for taking the time to provide us with this feedback. We apologize for the delay on our end in providing you with a response to your feature request.


We wanted to let you know that at this time we are not able to commit to building this feature but have it noted as a potential to revisit in the future. We understand that branded and tailored experiences are important for our Zendesk users and we are looking into ways in which we can accomplish this through different channels however, this particular feature is not able to be prioritized at this time. We understand this may be frustrating but wanted to ensure we closed this loop to remain transparent.
 

At this time we are going to close this post for comment and mark it as “not planned”. If you are interested in learning more about this and other features being built please make sure to check out and follow our Community events, What’s New Community Topic, and Zendesk Updates. Again, we apologize for our delay and appreciate you being a valuable Zendesk Community member.
 

View comment · Edited Jul 09, 2024 · Kirsten Wilson

0

Followers

0

Votes

0

Comments


Kirsten Wilson commented,

Community comment Feedback - Ticketing system (Support)

Hi everyone, 

Thank you so much for the feedback as well as the additional use cases. This capability is currently not on our roadmap but it is something that we can consider exploring in the future. 

 

View comment · Posted Jun 14, 2024 · Kirsten Wilson

0

Followers

0

Votes

0

Comments


Kirsten Wilson created an article,

ArticleAnnouncements
Announced on  Rollout on Rollout ends
July 1, 2024 July 31, 2024 December 31, 2025

What's changing?

Starting July 31, 2024, we will no longer offer email and password as an authentication method for API calls for new accounts and for accounts that are not using this method. If you’re actively using this method today, you will be able to continue until December 31, 2025 and we will contact you separately over the following months with details on how you can migrate to API tokens or OAuth. As we prepare for the removal of the Password Access for APIs setting in Admin Center and the email/password authentication method, our documentation has been updated to only feature API token and OAuth as the supported authentication methods.

 

If our records indicate that you currently have the Password Access for APIs setting turned on but we have not detected any activity, we have emailed you to say that we will be turning off this setting over three weeks starting July 1. If you wish to continue using this feature, you will need to manually turn the setting back on by July 30. Once re-enabled, you will have until December 31, 2025 to switch to another authentication method.

 

Why is Zendesk making this change?

Your account security is our top priority. The option to access APIs with a username and password is inherently insecure as passwords can be compromised, reused and this method no longer aligns with modern best practices for API authentication. Removing the ability to use the same username and password for API access mitigates the risk of unauthorized access and changes to your account in case your credentials are compromised.

 

Are any alternatives available?

Yes, there are two secure alternatives for authenticating API calls. Using tokens requires very small change for users currently using password access. OAuth is a little more complicated but allows you to create tokens with granular permissions (read vs write, etc) and allows for more security conscious setups.

 

Note: each API token can be used by any verified user on the account and isn't associated with a specific user. Permissions are limited by the user role associated with the provided email address.

 

API Tokens: Learn more about API tokens here.

OAuth: Learn more about OAuth here



What do I need to do?

If you currently have the Password Access for APIs setting turned on but are not using the capability, you can safely turn the setting off. You can find it in Admin Center under Apps and Integrations > APIs > Zendesk APIs > Settings > Password Access for APIs. Once turned off, the setting will be removed from the page starting July 31, 2024

 

If you do not turn the Password Access for APIs setting back on by July 30, no further action is required and the setting will be permanently removed from your account. If you wish to continue to use the capability, simply turn the setting back on before July 30 to continue access until December 31, 2025


If you have feedback or questions related to this announcement, visit our community forum where we collect and manage customer product feedback. For general assistance with your Zendesk products, contact Zendesk Customer Support.

Edited Feb 06, 2025 · Kirsten Wilson

0

Followers

3

Votes

0

Comments


Kirsten Wilson commented,

CommentSecurity and user access in Zendesk Support

Hi Mandy, 

 

Sorry this is happening, since I am not able to see the specific details of your account I'll provide some potential solutions. 

You most likely have some placeholders that act as an “open mail relay” meaning any text the spammer includes in the requester name or subject fields will be included unaltered in the email notification the trigger automatically sends out to the email address listed as the requester. 

To completely block the spam messages from being created you can enable the “anybody can submit tickets” setting or you can check the spam tickets to see which trigger is being used and remove or replace it with something more generic. 

 

Hopefully this helps, please submit a ticket if you need more help!

View comment · Posted May 08, 2024 · Kirsten Wilson

0

Followers

0

Votes

0

Comments


Kirsten Wilson commented,

Community comment Feedback - Apps and integrations (Platform)

Hi JD, 

Apologies for the delayed response and thank you for the suggestion. We will certainly consider making this feature available in the future. 

View comment · Posted Mar 08, 2024 · Kirsten Wilson

0

Followers

0

Votes

0

Comments


Kirsten Wilson commented,

Community comment Feedback - Ticketing system (Support)

Hi everyone! Just wanted to post an update to let you know that 2FA for end users is now available. More information can be found here

View comment · Edited Feb 12, 2024 · Kirsten Wilson

0

Followers

1

Vote

0

Comments