- Fixed a regression in the knowledge capture app due to enhancements to vendor browser security for iframe sandboxes.
- Improved telemetry for a particular edge case hit occasionally when reloading apps.
- Improve the internal API that host products use to define public API objects.
- Improved internal error reporting
allow-downloadssandbox permission to apps iframe for Chrome versions after v83
- Improved internal mechanism around loading apps payload for local apps development.
- Add internal API to improve app runtime lookup for host products.
- Federated logic for CSRF tokens to help foster a more consistent developer experience across Support, Chat and Sell.
- Made some under-the-hood improvements for error handling.
- Fixed an issue with mounted apps not reloading properly when using Zendesk Apps Tools (ZAT).
- Implemented a bug fix for logo URLs that could be incorrectly formatted in older multiproduct apps.
- Enhancement for apps reload to include cookies by default in order to allow this functionality to work in products other than Support, such as Sell.
- Made an under the hood enhancement to the way ZAF integrates with products
- Made a separate change to make ZAF less tightly coupled to Support and more product agnostic
- Some small changes / preparatory work for performance improvements to ZAF
- Made some improvements to caching of ZAF asset
- Chat specific fix for new request behaviour for ZAF
- Improvements to app reloading behaviour in Support
- Fixed a problem that could occasionally occur in Support when opening modals with the Instances API when multiple ticket tabs were open
- Added documentation for OAuth
- Fixed a bug that could prevent apps that used signedURLs from loading in Chat and Sell
- Logging and error reporting improvements
- Implemented a new mechanism for refreshing CSRF tokens in order to improve user experience in host products
- Fixed a bug that involved requests from the framework not returning headers when rate limited and passing
- Fixed a bug associated to calls to an under-the-hood cleanup mechanism when the framework is implemented within a downstream product
- Refactored requests code
- Added additional error handling
- Fixed a bug that could sometimes result in failed authentication to Zendesk APIs
- Removed dependency on 3rd party
- Replaced AJAX usage with Zendesk-written library
- Improved client side request throttling
- Fixed a bug where in some cases, apps would fail to authenticate with Zendesk APIs
- Removed support for ZAF v1, disabling v1 apps in unextended accounts. Learn more
- Updated Secure settings field character limit.
- Added documentation for Sell.
- Added support for settings in signed urls.
- Added support for setting initial size in manifest location object.
- Added new event instance.registered.
- Added new property
- Added support for via as part of the Ticket object.
sizeoption to Core API action
httpCompleteResponseoption to be able to retrieve headers and responseStatus.
- Added client-side throttling to Zendesk API requests.
- Settings' helpText now supports Markdown. See App Internationalization.
- Triggers and automations can be updated. See Updating or Deleting requirements.
- Replaced old
notificationevent with a new
api_notificationevent, that besides the text, includes the sender in the payload.
iconCharsapi. See IconChars
- Updated Zendesk Garden to 2.0.
- Added new core APIs for expanded & collapsed apps events Core Events
- Added new data API to check app collapsed status isCollapsed
- Added support for updating and deleting Requirements for Apps
- Added support for getting macros for Zendesk Support.
- Added support for invoking a macro for Zendesk Support.
- Added support for routing to views via the
- Added support for externalId as part of the Ticket object.
- Added support for externalId as part of the Organization object.
- Added support for chat.department as part of the Chat object.
- Added support for channel.department.changed event to the chat_sidebar location.
- Added support for getting identities as part of the user object.
- Added support for bulk invoke calls.
- Updated Zendesk Garden to 1.0.
ticketField:X.optionsin favor of two new APIs:
- Added support for the
iconSymbolAPI and deprecated
- Released Zendesk Garden for Zendesk Apps.
autoRetryoption to control automatic retry behaviour of rate-limited requests.
- Added the ability for apps targeting version 2 of the framework to specify per-location options.
- Deprecated the use of the
noTemplatemanifest property. Developers should switch to using
autoHidelocation flags instead.
- Added support for the
- Added support for the background location for v2 apps.
- App Framework 2.0 released!
- Delegated authentication functionality of ZAP to specialist authentication micro-service. No functional behaviour changes.
- Updated the base image to a more secure version. No functional behaviour changes.
- Implemented a minor internal logging change. No functional behaviour changes.
- Fixed an upgrade headers bug, where a body was not returned in a response if certain headers were set.
- Bumped ruby to a more stable and up to date version.
- Fixed a bug with response headers if a request is malformed. Previously malformed requests did not return in their response access control headers, including origin. Now they do.
- Added the requesting agent's ID (
X-Zendesk-User-Id) to any outgoing request via the insecure proxy (note, not the secure proxy as with v3.18.77; this is a change to another part of the same system).
- Added support for HTTP PATCH for insecure proxy requests
- Added support for insecure proxy requests for Chat and Sell.
- Added the requesting agent's ID (
X-Zendesk-User-Id) to any outgoing request via the secure proxy.
- Implemented additional logging improvements to differentiate traffic errors for better Zendesk-internal monitoring.
- Better handling of 422s from an internal Zendesk service.
- Fixed an issue where sending a
'%'payload with the wrong content-type header did not explain why the request failed.
- Improvements to CORS request functionality for Chat and Sell.
- Made a small security improvement.
- General security improvements
- Actioned change to make ZAP Chrome 80 ready (with relation to the same-site cookies changes)
- Further improvements on caching and performance
- Added support for secure oauth requests
- Added support for HTTP PATCH for secure requests
- Improved DNS resolution
- Improved caching
- Added support for protocol in domainWhitelist property in app manifest
- Improved handling 429s from Zendesk's own services
- Improved security around DNS resolution