Re-emphasizing the importance of Domain Whitelisting in ASAP's JWT Authentication Mechanism


The problem

We discovered a security vulnerability related to using OAuth tokens in non-whitelisted domains and have reinforced our security measures. If you experience any request failures in the authorized domains, please verify that they are whitelisted in the ASAP JWT configuration.


Our solution

Enter your trusted domains in the setup so that the help widget is pre-approved for its designated domains.

Info: A maximum of five domains can be listed.

What is a domain?

A domain is a web address that allows visitors to access your website. It's the identifier through which your site is known online. When you launch your website for the first time, you can purchase a new domain or use an existing one.

Mapping your domains

Domain mapping associates a domain name (example.com) with a target destination, whether a website, application, or server. This association enables users to reach that destination using an easy-to-remember domain name instead of recalling complicated IP addresses or URLs.


For authentication purposes, domain mapping is essential for several reasons:


  • User trust
  • Prevention of phishing
  • Access controls
  • Consistency in user experience
  • Secure connections (protocols)

What is the domain whitelisting mechanism?

A domain whitelist is a security strategy that limits access to exclusively specified and approved domains, effectively preventing connections to websites or services not explicitly mentioned. Permitting links only to trusted domains helps block unauthorized access and reduce potential security threats such as malware or phishing attempts. It serves as a filter to guarantee that only safe and relevant websites can be accessed.

How does domain whitelisting make security simpler?

A domain whitelist is a security approach that restricts access to only designated and authorized domains, effectively blocking connections to websites or services not explicitly listed.

How to enable the JWT authentication for Web and Mobile Platforms


Domain whitelisting for help widgets ensures that only designated, pre-approved websites or domains can embed and display the help widget on their pages. This approach prevents unauthorized users from integrating the widget on untrusted sites, which is essential for maintaining security and controlling access to the help feature.
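To illustrate the whitelisting mechanism and the widget check described above, here is an added example (not Zoho Desk or ASAP code) of an exact-match domain check shown beside a naive substring check. It assumes the check is made against the request's `Origin` header and that the widget is served over HTTPS; all function names and domains are constructed for illustration.

```javascript
// Added illustration: not Zoho Desk / ASAP code. All names and domains are constructed.
const MAX_DOMAINS = 5; // the page states a maximum of five listed domains

// Normalize one configured entry ("example.com" or "https://example.com") to a bare hostname.
function normalizeDomain(entry) {
  const value = String(entry).trim().toLowerCase();
  const url = new URL(value.includes("://") ? value : `https://${value}`);
  return url.hostname.replace(/\.$/, ""); // drop a trailing root dot
}

function buildAllowlist(entries) {
  if (entries.length > MAX_DOMAINS) {
    throw new Error(`at most ${MAX_DOMAINS} domains can be listed`);
  }
  return new Set(entries.map(normalizeDomain));
}

// Strict check: parse the Origin header and compare the hostname exactly.
function isOriginAllowed(originHeader, allowlist) {
  if (typeof originHeader !== "string" || originHeader === "null") return false;
  let url;
  try {
    url = new URL(originHeader);
  } catch {
    return false; // an unparsable origin is rejected, never guessed at
  }
  if (url.protocol !== "https:") return false; // assumption: HTTPS-only embedding
  return allowlist.has(url.hostname.replace(/\.$/, ""));
}

// Naive check, for contrast: substring matching also accepts lookalike hosts.
function naiveIsAllowed(originHeader, entries) {
  return entries.some((d) => originHeader.includes(d));
}

const configured = ["example.com", "help.example.com"]; // constructed sample config
const allowlist = buildAllowlist(configured);
const samples = [
  "https://example.com",
  "https://EXAMPLE.com",
  "https://example.com.attacker.test",
  "https://notexample.com",
  "http://example.com",
];
for (const o of samples) {
  console.log(o, "strict:", isOriginAllowed(o, allowlist), "naive:", naiveIsAllowed(o, configured));
}
```

Only the first two sample origins pass the strict check, while the naive check accepts all five. That gap is why whitelisted domains should be compared as parsed hostnames and not as substrings.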


Watch this space for the latest ASAP updates.

Cheers,

Kavya Rao,

The Zoho Desk Team



