David Burkholder

So the Cloudflare Worker route did not work properly on our end, I am not sure if it is my lack of knowledge/understanding or a technical issue on the cloudflare side. I have been trying to access the logged in user who is already in the Help Center,  I have been hitting https://(our domain).zendesk.com/access/sdk/jwt. I am presuming now that this does not work the same way as whatever a worker is?

Hello All,

I apologize if this is the wrong spot to post this. We want to enable messaging on our Guide / Help Center with Zendesk, but we do not want users to provide authentication details (Name or Email). Based on feedback users just want it to work, they want to login open a session and not need to re-login to the messaging widget. We have a grand total of 0 developers on staff, I can write SQL at an intermediate level but I don't think that helps here.

I want to authenticate users in Messaging without additional logins. I have followed instructions from multiple posts, comments, and articles in Zendesk Help but to no success. The closest I have gotten is after reading a comment on (https://support.zendesk.com/hc/en-us/articles/4411666638746-Authenticating-end-users-for-messaging?per_page=30&page=6#comments) which referenced a site called InternalNote. The issue I now face is that I am doing this as an Ajax call (I now have a super basic understanding of JS). When loading however, the system produces a CORS error, this is apparently some type of security thing? I cannot for the life of me get around this. For clarity we are using AAD as our SSO/IDP for Zendesk.

My “code” as it stands, I legit just modified (https://demo.internalnote.com/guide_messaging?ref=internalnote.com)

  //Get info on current User
  var user = [];
  $.ajax({
    url: '/api/v2/users/me',
    async: false,
    dataType: 'json',
    success: function (json) {
      user = json;
    }
  });

  //get token for current user
  var jwttoken = '';
  $.ajax({
    type: "GET",
    url: 'https://(oursubdomain).zendesk.com/access/jwt',
    beforeSend: function (xhr) {
      xhr.setRequestHeader ("Authorization", "Basic " + "(my-secret)");
      xhr.setRequestHeader ("Access-Control-Allow-Origin","*")
    },
    data: JSON.stringify({
      "external_id": user.user.id,
      "user_email": user.user.email, 
      "user_name": user.user.name
    }),
    dataType: 'text',
    async: true,
    success: function (json) {
      jwttoken = json;
    }
  });
  console.log(jwttoken)

  //authenticate messaging
  zE('messenger', 'loginUser', function (callback) {
    callback(jwttoken);
  });

The Error I get:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://(oursubdomain).zendesk.com/api/v2/help_center/integration/token. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 404.

I appreciate any help anyone can give me, especially since I am very much in uncharted waters.