I'm a software developer at planhat.com and we offer our customers an integration with Zendesk. Here is the Planhat app in the Zendesk Marketplace → https://www.zendesk.com/marketplace/apps/support/97448/planhat/, and here is the Zendesk Integration details in the Planhat website → https://www.planhat.com/integrations/zendesk
In short, a Planhat customer can create a Zendesk API Token permitting us to access their Zendesk Tickets, as a result, a Planhat service adds via API a webhook and a trigger to receive Ticket events in a Planhat HTTP endpoint. This flow is working well, and the Zendesk Tickets are synced to Planhat without any issues.
My problem is when a customer stops using our services by revoking the Zendesk API Token, there is no way to delete the webhook and the trigger via API anymore, as a result, Zendesk keeps sending Tickets to the Planhat HTTP endpoint.
I want to know how to disable or delete a webhook if I no longer have a valid API token.
Can we answer a specific HTTP status code to the Zendesk service when it calls our endpoint to stop receiving Ticket events for the related customer?
How to disable a webhook and a trigger via HTTP response
We have a similar setup in our application. While we can set up an offboarding process if the connection is removed from our side, we can't stop the customer disconnecting the integration from the Zendesk Admin panel - and if they do that then there's no way for us to deregister the webhook.
In practice we're going to end up returning a non-200 response from the webhook handler, and Zendesk's webhook sending system is going to have to deal with that.
It would be good if there was an official way to say “stop sending more webhooks to this address and don't retry”.
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
There wouldn't be any way to make changes to an account via API, including any web hooks and triggers, without proper credentials. You'd need to look at some type of off-boarding process for removing the webhooks while you are still credentialed for the account.