10,000 character limit on the Allowlist
I am really disappointed with the 10,000 character limit on the allowlist for Zendesk access control. The way we have set up our Zendesk is to only allow emails from the customers in the allowlist. We add our customer domains in the allowlist for the same reason. The problem now is we have 15-20 customers that need to be added to zendesk on a monthly basis and we don't have any character space left in the allowlist.
The only solution from the Zendesk support team is to trim the sub-domains, but we hardly have any customer sub-domains in the allowlist. The only solution I can think of is to set our zendesk access to open which means we are more vulnerable to spam emails. This is not our preferred option. Is there any chance we can increase the character limit on the allowlist?
Hi Nish Chawla,
Thanks for sharing your needs with setting up of the allowlist. My team is currently looking into allowlist settings and would like to connect with you and fully understand about your experience.
Please share your experience with us on this topic at https://calendly.com/pooja-palan/15min?month=2021-10
I was chatting with Pooja about this issue and it occurred to me that there are other ways to address this need of your account outside of the Allowlist and the Blocklist. You could disable the feature "Anybody can submit tickets" in your account (Settings>>Customers>>Anybody can submit tickets), and then add these new addresses as actual users in your account rather than adding them to the Allowlist. This would have the same effect. All traffic would be blocked except by known users. This offers a very effective defense against spammers, also. If you are leveraging SSO then you can create new users as needed through that authentication method. if you have any more questions feel free to open a ticket with us and mention this post's thread, and we would be happy to take another look and make more suggestions.
Unfortunately, this is no solution for us as it means we need a person full time adding new users and triaging tickets. Adding a domain to the allowed list was a one-time thing and with the proposed solution, we will have more admin work.
I understand. If you open a ticket with us I can show you how to leverage the suspended_tickets API endpoint to your great advantage.
Your current workflow is unsustainable and does not permit further growth. There are options available to you that we can offer assistance. The Allowlist was not meant to be used to cite your known and acceptable customers. It was meant only to make a soft threshold determination about traffic from those recognized customers, and how we should respond to that traffic.
The feature "Ask users to register" can be used in a similar fashion as the "Anybody can submit tickets," but you have some programmatic power to allow or reject, based on your business needs, with the API.
We apologize that, at this time, the Allowlist can not possibly accommodate your list of growing customers. There are much better ways to manage traffic that do not require or rely upon limited character-count resources. Please open a ticket with us and we can guide you better in accomplishing your customer acceptance/denial needs.