Uploading attachments securely to a ticket

5 댓글

  • Tuomas Savonius

    Any comments on this issue?

  • Tipene Hughes
    Zendesk Developer Advocacy

    Hi Tuomas,

    Thanks for reaching out and sorry for the delay in someone getting back to you!

    As it currently stands, the best way to ensure security when using the Attachments API together with a ZAF app would be by using a piece of backend middleware to process the request. This way, your credentials won’t be exposed on the client side. 

    I know this is not an optimal solution and I’m working with our product team to see if we can look in to making changes to the ZAF request method to allow for securely uploading ticket attachments directly from the browser.

    I’ll reply back here once I have any more information that I can share with you.



  • Tuomas Savonius

    Thank you. Yeah, the middleware doesn't fix a lot, yes, the zendesk token would be safe but the connection to the middleware should optimally be secured too, and there we get the next set of issues.

    Please keep me updated, I have found many similar community posts from the past that have struggled with this same issue.

  • Tuomas Savonius

    Do you have any updates on this? This is a high concern item for us currently

  • Boris Berenberg

    FYI this also impacts me and is blocking a new app I am working on. Customers don't want data to leave the browser and go to our systems, so we really want to upload a file using the ZAF API. 


댓글을 남기려면 로그인하세요.

Zendesk 제공