Best practices for Zendesk apps developers

Introduction

All the apps you build with the Zendesk Apps framework should follow the set of best practices outlined in this article. These best practices can help on various levels. They make it easier for you to ensure your app won't affect your Zendesk account's performance or deteriorate the agent's experience. They can help make migrating framework versions faster and smoother. They can potentially help you avoid breaking changes. They can help you pass the approval process for public apps after the first submission.

Whether you're building an app for your own company or for all Zendesk customers, we strongly encourage you to follow these guidelines and best practices.

If you aren't sure about any of the points below, have questions about the approval process, or you'd like to receive guidance or help building your first Zendesk app, feel free to get in touch at [email protected].

Best practices

  • Use the CDN framework version of the ZAF SDK.

  • Use Zendesk Garden from npm.

  • Don't Repeat Yourself. Be critical of your own code. If you see that you've repeatedly done the same thing in your code, then look to simplify by making helper functions that can be used in more than one place.

  • Clean up. Use life-cycle events app.deactivated and app.willDestroy to tidy up your app's state. The intent for these events, and a general best practice, is to clean up anything that your app might have set up that's no longer needed and might impact the performance of the host product. A prime candidate for cleanup are intervals created through setInterval or setTimeout. You should always store a reference to an ID returned from either of the above methods so as to be able to call clearInterval or clearTimeout.

  • Use promises to handle asynchronous instructions. See JavaScript Promises: an Introduction on Google's developer portal for a great introduction.

  • Cache the result of promises and API requests when the data doesn't change often.

  • Use secure settings for any sensitive setting, like API tokens or passwords.

  • Use a domainWhitelist when using secure settings.

  • Don't attempt to read secure settings. It won't work. Secure settings can only be used as placeholders that get replaced by the server.

  • When making AJAX requests to the Zendesk API, avoid requesting all pages in a loop. If you must get all the data, make sure to add a delay between calls to avoid rate limiting.

  • Follow the Developer updates in Zendesk help to keep up to date with the latest changes.

  • Make sure you define an app version. An app version will help you, and anyone else using the app, keep track of what's installed. This can be particularly helpful if a bug is found and you need to provide a newer version of an app.

  • Prefer bulk calls over single calls whenever possible.

  • Specify autoLoad: false for locations where you don't need to display a user interface and use the background location with the Instances API to interact with those locations. This reduces the number of iframes that need to be created for your app, thus saving memory and CPU. See Instances API Sample app for an example of this technique.

  • Use the Zendesk React app scaffold when starting development of any non-trivial app. The scaffold includes many features to help you maintain and scale your app.

  • Use signed urls to verify the request is legitimate when developing server-side apps.

  • Clean up console.log and debugger statements before submitting your app.