No Auth Custom Object Type | Community
Skip to main content

No Auth Custom Object Type

  • June 14, 2021
  • 8 replies
  • 0 views
Matt45

Hey team, 

Wanted to see about the feasibility of having an anonymous read-only permission on some of our object types? We had the following use case that we are trying to support. 

Use Case: User scans QR code that has URL which contains the Object ID in the params. On the HC site we fill values from the object to hidden fields on the ticket. User then submits information about the location (think bathroom, needs cleaning). The object look-up should be allowed anonymously as the user isn't required to be signed in to submit a ticket via QR scan. 

Currently we have tested 90% of this, but it appears we'd have to store some generic end-user credentials to make the call. Ideally I'd like to have an option for anonymous read-only for this, or possibly for catalog items in the future. Objects are currently updated via integration to another service, so we want to preserve the URL as opposed to having to update the URL & QR with params when values/names change. 

      8 replies

      Eric27
      • Eric27
      • July 16, 2021

      Hey Matt,

      Sorry this one got missed until now! I think this is a great idea, I'm going to pass it along for review with the corresponding product manager. Is there anything else you want to include on this before I send it out?

      Have a wonderful day!

      Eric Nelson | Manager - Developer Advocacy

      Matt45
      • Matt45
      • Author
      • July 16, 2021

      I think that's pretty much it, happy to clarify anything if there are questions. 

      Best, 

      Matt

      Abdul12
      • Abdul12
      • November 16, 2022

      I think, we can do a lot of good things if we have ability to allow anonymous users read (or probably do more CRUD stuff). I have to use firebase for some use-cases; if you can update permissions UI/API for custom objects to support anonymous use-cases, we can do a lot.

      Abdul12
      • Abdul12
      • November 16, 2022

      Please look at https://support.zendesk.com/hc/en-us/community/posts/5069348265242-Recently-Updated-Articles-Feed-?page=1#community_comment_5128638579738 

       

      This is very good use-case where anonymous read would have helped. I implemented whole feed thing using custom objects but it works for signed_in users and require me hardcoding (a dummy end-user) credentials.

       

      Why doesn't Custom Objects API respect agent/admin session on help-center pages? Why am I required to pass authorization header if I am already logged in help-center, and javascript is trying to read/write/update?

      Eric27
      • Eric27
      • November 17, 2022
      Hey Abdul,

      I've passed this along as feedback to the team that owns custom objects. I know that they're doing a lot of work on it so this may already be in the works. I'll let you know if I hear back from them confirming that.

      Thanks!
      Matt45
      • Matt45
      • Author
      • November 17, 2022

      Hey Eric, 

      Currently we implemented the above use case, and are indeed blocked because there is no way to have anonymously read objects. The authenticated experience is great, but the experience would be next level with anonymous endpoints. 

      I've also shared feedback that this will need to be in place if there is any hope to have Look-Up fields be end-user editable for un-authenticated support contacts leveraging objects. 

       

      Matt45
      • Matt45
      • Author
      • May 8, 2023

      Hey team, 

      Wanted to see if this was something in the works? I know the Custom Object Look-up fields are on the horizon, so wasn't sure if this would be part of that work?

      Best,

      Matt

      Greg29
      • Greg29
      • May 9, 2023

      Hi Matt! I looked at the available info that I have around this and there is nothing being discussed regarding a no auth option at this point.

      Terms & ConditionsCookie settingsAccessibility statement