Does the SDK filter out tickets that are not created by/for the user? | Community
Skip to main content

Does the SDK filter out tickets that are not created by/for the user?

  • December 21, 2022
  • 3 replies
  • 0 views
Vaios

Hello

We have a question about the Support Android SDK. 
Before I start, I need to mention that we use our own custom UI and `JwtIdentity` to authenticate our users. We noticed that If a user is authenticated and tries to fetch a conversation (based on a conversation id) that was not opened by or for him, then he will get the following error:

404 {"error":"RecordNotFound","description":"Not found"}

Does this SDK filter out the conversations that do not belong to the authenticated user? If so, is there any way to bypass it?

    3 replies

    Greg29
    • Greg29
    • December 21, 2022

    Hi Vaios! If a user would be able to access a ticket that they didn't create, that would be a  security issue, so this is absolutely intentional. Could you explain your use-case so that I can understand what you're looking to accomplish here?

    Vaios
    • Vaios
    • Author
    • December 22, 2022

    Thank you very much for your quick response :)

    We were thinking that maybe users who share a resource (car, house, etc) should be able to see tickets that were opened for this resource. Is this possible to happen?

    Greg29
    • Greg29
    • December 22, 2022
    I would recommend looking into organization access to handle this. It may not be a 1:1 fit, but it would give you what you are generally looking for here!
    Terms & ConditionsCookie settingsAccessibility statement