How to make secure API call in Zendesk Guide?

Forum|Forum|2 years ago
February 2, 2024
1 reply
0 views

Harshit

1: We have created a trigger that sends a URL to the End user via email

2: The URL redirects to {subdomain}.zendesk.com/hc/en-us/ourCSAT form with ticket ID and user ID in Url as parameters

3: In the CSAT guide page we use custom code, we use the Zendesk Admin token to call the Ticket API,
to match the ticket ID with the user ID (for URL validation purposes).

4: Once the URL is authenticated, once they fill up the feedback form, we get the data and then again call the Zendesk Ticket Update API using the Admin Email ID and token and update the ticket.

The Issue we are facing is that the token is accessible.

Brandon12
Forum|Forum|2 years ago
February 3, 2024

Hey @harshit -

It is an interesting use case... and to the best of my knowledge there isn't an easy way to secure the token using the method you've described. That said, you've got some options.

1 - Instead of trying to update the existing ticket, you might consider creating a new ticket and passing the legacy ticket info to hidden custom fields, and then fire a webhook / trigger on ticket creation to close & merge that new ticket with the legacy ticket.

2 - Other tools like Formstack and Typeform have prebuilt integrations that allow you to customize a form and then sync that data over to a ticket using the same URL parameter passing that you are already familiar with.

3 - There are a number of 3rd party tools such as csat.ai that allow you to extend the capabilities of Zendesk Customer Satisfaction beyond the native features.

I'm curious what additional type of feedback you are trying to attract, and if there is a critical need to attach that data to the ticket itself vs creating something like a google sheet that just references the ticket ids so that you can go back and research if necessary.

Hope this helps!

Brandon

Like

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded