Introducing enhanced JWT authentication mechanism

Introducing enhanced JWT authentication mechanism

Hi all,

Greetings!
 
We are excited to introduce the enhanced version of the JWT authentication mechanism for ASAP add-ons.
 
ASAP
 
The ASAP (App Support Across Platforms) add-on in Zoho Desk is a stand-alone app that provides in-app self-service to the end-users. It works in tandem with your business, empowering it with the help center functionality right within the product. With ASAP, your customers do not have to navigate to a different page on your website to access help articles, seek help from customer service, or interact with fellow users. They can find the answers they need right within your business website.
 
There are two authentication methods available while configuring ASAP in the Desk portal:
  • Anonymous
  • JWT 
Anonymous: Anonymous users are end-users who choose not to log into the ASAP add-on. They can access your help article, submit tickets, view posts in the user community, and chat with your support agents. They can't perform other actions, such as editing or closing support tickets, and interacting with the user community.
 
JWT: In the JWT authentication method, the end-users are known as authenticated users because they choose to log into the ASAP add-on. They can perform nearly all the available actions within the ASAP add-on. The JWT authentication method is the most secure, and preferred means of authentication. 



Existing authentication mechanism
 
The existing authentication method uses a server endpoint, known as the JWT endpoint. End-users must set up this endpoint before configuring JWT authentication for the ASAP add-on. This endpoint contains the code that generates the JWT. From there, the IAM server sends the GET request containing the user token to the endpoint. Users are required to provide a valid URL for the JWT endpoint when setting up the ASAP add-on in Zoho Desk.



Improved JWT authentication mechanism
 
To provide a better, safer, and simpler authentication process, we have enhanced the existing mechanism. The enhanced mechanism verifies the authenticity of your end-users and grants them permission to use the ASAP-driven help center. 

The improved mechanism eliminates the necessity of the JWT endpoint. Now, when end-users attempt to log into ASAP, the IAM server will decrypt the JWT secret key that is sent from the application side and verifies the end user's authentication. This process allows only valid users to log into ASAP.



To learn about the complete authentication flow and the technical aspects of JWT, see our JWT mechanism for authenticating users in the ASAP add-ons (new flow) help doc.
 
Impact of the new authentication mechanism on existing web and mobile SDK users 
 
For users who activate new or additional ASAP in future, the new authentication mechanism will be in effect.
 
Note: The existing flow will be tentatively deprecated only for the web users within three months time. We will keep you posted regarding the deprecation of the existing authentication flow.
 
The enhanced method of JWT authentication has been officially released and is available to all users.
 
Give it a try, and share your suggestions and feedback here.
 
Have a great day!
Regards,
Varsha P

    • Sticky Posts

    • Zoho Desk Partners with Microsoft's M365 Copilot for seamless customer service experiences

      Hello Zoho Desk users, We are happy to announce that Zoho Desk has partnered with Microsoft's M365 to empower customer service teams with enhanced capabilities and seamless experiences for agents. Microsoft announced their partnership during their keynote

    • WhatsApp pricing changes: Pay per message starting July 1, 2025

      Starting July 1, 2025, WhatsApp is shifting from conversation-based pricing to per-message billing. That means every business-initiated message you send will count. Not just the first one in a 24-hour window. Pricing updates on the WhatsApp Business Platform

    • Live Webinar - Work smarter with Zoho Desk and Zoho Workplace integration

      Hello customers! Zoho Desk and Zoho Workplace are coming together for a webinar on 14th May, 2024. Zoho Workplace is a suite of productivity apps for email, chat, docs, calls, and more at one single place. Zoho Desk is closely integrated with a few tools

    • Apple iOS 17 and iPadOS 17 updates for Zoho Desk users

      Hello Zoho Desk users! Apple recently announced the release of iOS 17 and iPad OS 17. These latest OS updates will help you stay productive and efficient, through interactive and seamless user experiences. Zoho Desk has incorporated the updates to help

    • Zoho Desk Cheat Sheet For The Year-End

      Check out these Zoho Desk best practices to end this year on a high and have a great one ahead! #1 Set Business (Holiday) Hours - If you have limited working hours, please make sure you restrict your business hours or set them as holidays for the coming days. Let your customers know when you will, and won't, be available. #2 Update the Annual Holiday List - Check the holidays for the new year and update the holiday schedule. Usually, holidays from the current year will be carried over for the next

    • Recent Topics

    • Alerts for mentions in comments

      We are testing the use of Writer internally and found that when a user is mentioned in a comment, there is no email alert for the mention. Is this something that's configurable, and if so, where can we enable this option?

    • Subform Disabled Fields Should Remain Disabled on Edit/View

      Currently, when we disable a subform field using on user input or on add new row, it works perfectly during the initial data entry. However, when the record is saved and reopened for viewing or editing, these disabled fields become editable again. This

    • Is it really true that I can't set the default 'deposit to' account in 2025?

      I've been using Books for 7 years and the default account has never been a problem. I usually manually reconcile invoices and have never had a thought about which account. It has always been my account. However, I recently noticed that for the past 4

    • Standard Payment Term is not pulled from account to quotation

      Hey Team There seems to be something off. I do have "Net 30" as my default payment term in Zoho Books for my customers. If, from the customer overview or quote section, I create a new Quotation, the payment terms field stays blank and doesn't get the

    • OAuth integration issues

      I'm experiencing persistent OAuth errors when trying to connect Make with Zoho API. I've tried multiple approaches but keep encountering the following issues: First error: 'Invalid Redirect Uri - Redirect URI passed does not match with the one configured'

    • Zoho Mail Android app update: Manage folders

      Hello everyone! In the latest version(v2.9) of the Zoho Mail Android app update, we have brought in support for an option to manage folders. You can now create, edit, and delete folders from within the mobile app. You can also manage folders for the POP

    • Shortcut to fill a range of cells

      Good evening: I'm writing because I haven't been able to find a feature that allows you to select a range of cells, type in one of them, and then use a key combination to type in all of them. In Excel, the keyboard shortcut is Ctrl+Enter. I haven't found

    • validation rules doesn't work in Blueprint when it is validated using function?

      I have tried to create a validation rule in the deal module. it works if I try to create a deal manually or if I try to update the empty field inside a deal. but when I try to update the field via the blueprint mandatory field, it seems the validation

    • Get Zoho Mail API working (including DRE Connector, Oauth Token, ZUID, ZOID & ACCOUNT_ID)

      Disclaimer: I’m not a professional coder! Do you need to use Zoho Mail API? Me too. It lets you do all sorts of things — like reading the complete header of an email, or forwarding an email with its attachments — which is what I wanted to do. But setting

    • Revenue Deferrals

      Does ZOHO books and subscriptions handle Revenue Deferrals?   

    • Can I make a website open inside Zoho whenever I log in?

      Hi Zoho Team, Every day, I check a few websites for updates, for example, Rojgar--result, where I see the latest government job results and notifications. I was wondering if there’s any option in Zoho to make a website like that open inside Zoho whenever

    • Zoho Analytics & SQL Server - Live connect

      Below are the steps I did Created a fresh database and table in my own virtual server Created a new data source connection with live connect I was able to select the tables and created the data source successfully I am getting the error when I try to

    • Kaizen #214 - Workflow APIs - Part 2

      Welcome back to another week of Kaizen! Last week, we discussed how Zylker Cloud Services used the Workflow APIs to discover and audit all the automations in their CRM, listing every workflow, checking triggers, and understanding their automation limits.

    • Playback and Management Enhancements for Zoho Quartz Recordings

      Hello Zoho Team, We hope you're all doing well. We would like to submit a feature request related to Zoho Quartz, the tool used to record and share browser sessions with Zoho Support. 🎯 Current Functionality As of now, Zoho Quartz allows users to record

    • Zoho CRM Community Digest - September P1 | 2025

      Hello Everyone! September's Here! Before we jump into product updates, and community highlights, here's a quick spotlight! Zoho has launched a Professional Sales Rep Certification course on Coursera, tailored for sales professionals to strengthen their

    • Upload my theme.

      Hello. I would like to upload my own theme, this one: https://themeforest.net/item/panagea-travel-and-tours-listings-template/21957086 Is it compatible and where I upload it? If not I will hire a developer, what do I have to ask when I search for one?

    • Explore the Redesigned Quotes Module in Zoho Billing

      Dear users, We’re excited to introduce a refreshed look for the Quotes details page in Zoho Billing! This update brings you a more efficient user interface experience without changing your existing workflow. We've enhanced layouts with organized tabs,

    • Product Updates in Zoho Workplace applications | September 2025

      Hello Workplace Community, Let’s take a look at the new features and enhancements that went live across all Workplace applications this September. Zoho Mail Attach email as EML file in Compose Effortlessly attach emails as EML file in Compose by simply

    • Vehicle Tracking

      we have GPS devices that installed on our vehicles, and we would like to know if it's possible to  get vehicle live location data from the GPS device To Zoho Creator App.   Thank You

    • 🤝 Rencontres, partage et inspiration au Zoho Community Meetup de novembre

      Chers utilisateurs, Bonne nouvelle 🎉 : notre Meetup Zoho Community approche, et nous serions ravis de vous y voir ! 📍 Toulouse : le 25 novembre 📍 Lyon : le 27 novembre (🎯 Il ne reste que quelques places !) Que vous soyez débutant ou utilisateur avancé,

    • Need Help Mapping GST Registration Number Field Between Zoho Books & Zoho CRM + Slow Sync Issues

      am facing an issue with field mapping between Zoho Books and Zoho CRM. I want to map the GST Registration Number field from the Customer module in Zoho Books to a custom GST field inside the Accounts module in Zoho CRM. However, I am getting a warning

    • Notification received when self-assigning tickets

      When I assign tickets in Zoho Desk the relevant agent gets a notification email. When assigning myself a ticket in Zoho Desk, I get a notification email. Now, as I am the person who assigned the ticket to myself, getting a notification in this regard

    • Nouveauté dans Zoho Writer - Création de documents et de modèles assistée par l'IA

      Zia, l’assistant IA de Zoho Writer, soutient les utilisateurs dans l’amélioration de leur écriture et la création de contenus : correction orthographique et grammaticale en temps réel, suggestions adaptées au contexte, détection du plagiat, révisions

    • Session Expired

      I constantly get "Session Expired" and need to relogin or close and open the application again. This gets really frustrating during the day. Is this something that can be solved? This really makes me want to leave the app as it is no go to need to reopen

    • Integrate your Outlook/ Office 365 inbox with Zoho CRM via Graph API

      Hello folks, In addition to the existing IMAP and POP options, you can now integrate your Outlook/Office 365 inbox with Zoho CRM via Graph API. Why did we add this option? Microsoft Graph API offers a single endpoint to access data from across Microsoft’s

    • Disable Buttons for Users with Profiles without permission

      Hey, I've noticed that users without permission of setting up things in the marketplace, can still see the icon: On a click, you see this: It would be way better, if they couldn't see this menu icon at all. (Aside from the fact that it completely misplaced

    • Mapping a new Ticket in Zoho Desk to an Account or Deal in Zoho CRM manually

      Is there any way for me to map an existing ticket in Zoho desk to an account or Deal within Zoho CRM? Sometimes people use different email to put in a ticket than the one that we have in the CRM, but it's still the same person. We would like to be able

    • Zoho Analytics - Make text clickable in underlying data

      Hi Community, I have a simple sales report based on a Invoice query table. I have included a link on to each invoice on the table and sent the Invoice number URL to the link. This works find in the query table, but when I click underlying data on the

    • Credit Management: #5 Advanced Refund Policy

      You're subscribed to a well-known SaaS design tool. You've used it to manage your team's projects, create marketing visuals, brochures, and so on. But your needs change over time. Your company may switch to another tool or hire an in-house designer who

    • Exported Slide Image Lacks Portion of the Background Image

      This does not always happen, but when I export (or "download") the rendered image of a slide, it sometimes lacks a portion of the background image. I created a sample slide deck to demonstrate it and shared it with the admins. It is also publicly available

    • How to create a Zoho Mail extension similar to Outlook's OnSend add-in?

      Hi, I want to create a Zoho Mail extension similar to Outlook’s OnSend add-in. The extension should: Let the user select headers and footers from a taskpane while composing an email. When the user clicks Send, the extension should: Automatically insert

    • Effective Inbox Organization: Folders vs Tags in Zoho Mail?

      I'm exploring the best ways to organize a busy inbox, especially when managing multiple clients or project using Zoho Mail. I’d love to know what works best for others: 1. Do you prefer **folders** (possibly with sub-folders) for each client or project?

    • Piss poor service in Support in Domains and email

      Srijith Narayanan B contacted me today. Very pleasant fellow. Just didn't want to tell him how bad your support service is. You help the person, but you leave before we can finish the next stage. Which causes a lot of frustration. It's been 8 days now

    • Zoho Mail android app update: Block & reject future emails, Report phishing, Spam alerts, Suspicious URL detection

      Hello everyone! In the most recent Zoho Mail Android app update, we have brought in support for the following features: Block & reject future emails Report Phishing Spam alerts in the mail details screen. Suspicious URL detection. Block & reject future

    • Zohomail does not support additional fields in mailto links

      Hello, I set up Zohomail as default composer in Firefox according to manual here: https://www.zoho.com/mail/help/defaultcomposer.html#alink2 Later, I wanted to use this functionality to answer in a Linux mailing list thread using mailto link: mailto:xxxxx@kernel.org?In-Reply-To=%3C727o0521-q24p-s0qq-66n0-sn436rpqqr1p@example.com%3E&Cc=xxxxx%example.org&Subject=Re%3A%20%5BPATCH%20v2%28%29

    • Emails not being received from a particular domain

      Cannot receive any emails sent from atco.com Domain is in the spam whitelist so should be no reason for it not to be coming through. Have filed a ticket and besides a generic response of we are looking at it - it seems there is no actual support workers

    • Email address for forwarding is not saving and there's no confirmation ema

      Steps to reproduce: 1. Enter my forward email in the email forward section of the account 2. Click save 3. See a notification stating saved successfully 4. Refresh the page, no forward email is saved 5. No email confirmation received at the forwarding

    • This domain is not allowed to add in Zoho. Please contact support-as@zohocorp.com for further details

      This is the error i keep getting when trying to use my Zoho Domain Mail. This domain is not allowed to add in Zoho. Please contact support-as@zohocorp.com for further details Find attached. I hope this can be resolved very quickly so i can go on and make

    • Auto CC - Moving Departments

      We have Auto CC e-mail replies to your support mailbox enabled. We have two departments: Helpdesk (helpdesk@domain.com) Delivery (delivery@domain.com) If we create a Helpdesk ticket, and reply, replies are CC'd to helpdesk@domain.com (OK) We then move

    • unable to send message reason 554 5.1.8 Email outgoing blocked

      unable to send message reason 554 5.1.8 Email outgoing blocked

    • Next Page