Blacklisted App

Hello,

I had an app that was working fine for a customer and then all of the sudden it was blacklisted. All this app does is make an API call to update a ticket with information entered in the iparams page at installation/ update.

Couple of questions on this:

  • Could I have someone investigate the reasoning on why this app was backlisted?
  • Could someone please explain the process and communication that is expected around black-listing an app?
  • What guidence are you able to provide on un-blacklisting this app?

Hi @Kiska_Sanchez,

You can please refer to section 2.4, Removal of Apps of the Terms of Service of Freshworks Developer platform.

Also, all the Freshworks accounts are monitored by automation and humans for any abuse or any other malpractices, and part of the features or APIs can be disabled to safeguard the customer’s data, service, and Freshworks services.

But, I would like to understand the case further to investigate if it’s really blacklisted as such, and, if so, why is that before confirming it.

Can you please confirm how did you find that this app is blacklisted? Is it removed or disabled without your actions or unable to make some API or other features?

Hello @Raviraj,

Thank you for your response! We raised this concern with a member of the Freshworks team, who did their own investigation and requested information regarding it’s function. Afterwards, all they recommended was to make a post here to see if justification can be made for it’s removal.

We concluded that the app was blacklisted through a series of tests that were ran in between the customer’s tenant who is experiencing issues with the app by triggering the app on status change to the triggering status (set in iparams) and in another tenant that was only used for intermittent process configuration testing. The app worked as expected in the later tenant but not in the customer’s tenant. We only confirmed this after performing a through root cause analysis on the issue that the customer was experiencing and exhausting all other break/ error points.

This was removed/ disabled without any communication to the customer or developer that uploaded said app.

I will include the source code of the app below due to the simplicity in nature of the code. Please find the source code below:

server.js

async function updateTicket(id, body){
  try {
    var res = await $request.invokeTemplate("update_ticket", {
      context: {"ticket_id": id},
      body: JSON.stringify(body)
    }). then (
      function(data){
        console.log(`Ticket ${id} updated successfully.`)
        let res = JSON.parse(data.response)
        return res[Object.keys(res)[0]];
      } 
    ) } catch (err){
      console.log(`Error updating ticket ${id}.`)
      console.log(err)
    }
    return res;
}

exports = {
  
  onTicketUpateHandler: async function(args) {
    if(args["data"]["ticket"]["status"] == args['iparams']['trigger_status']){
      var body = {
        status : args['iparams']['end_status']
      }
      
      await updateTicket(args["data"]["ticket"]["id"], body)
    }

  }

};

Iparams.json

{
    "domain": {
        "display_name": "FreshService Domain",
        "description": "Please enter your FreshService Domain without .freshservice.com",
        "type": "domain",
        "type_attributes": {
            "product": "freshservice"
          },
        "required": true
      },
      "api_key": {
        "display_name": "API Key",
        "description": "Please enter your API Key",
        "type": "api_key",
        "required": true,
        "type_attributes": {
          "product": "freshservice"
        },
        "secure": true
      },
      "end_status": {
        "display_name": "ID of status that ticket needs to change to:",
        "type": "number",
        "required": true
      },
      "trigger_status": {
        "display_name": "ID of what triggers app:",
        "type": "number",
        "required": true
      }
}

requests.json

{
    "update_ticket":{
    "schema": {
        "method": "PUT",
        "host": "<%= iparam.domain %>.freshservice.com",
        "path": "/api/v2/tickets/<%= context.ticket_id %>?bypass_mandatory=true",
        "headers": {
            "Authorization": "Basic <%= encode(iparam.api_key) %>",
            "Content-Type": "application/json"
         }
      }
}
}

Thanks for your information, @Kiska_Sanchez.

Could you please share the link or ticket ID for the previous conversation? If it’s an email, please loop me in as well. (I will share my email address on Chat here on the forum)

Of course! Thank you.

The ticket number is 3039 in the partner support portal. I will also have the consultant who raise the ticket loop you in!

Hi Raviraj

The request is in the partner portal which i can share with you

Hello @Raviraj,

Any movement on this request/ issue?