Hi @Shamsuzzaman_Sadi ,
Welcome to the forum ! I would like to know a bit more about the challenge that you face:
- Are you making use of the standard
iparams.json
or customiparams.html
? - Can you confirm that there is no typo in the code? It should be client.iparams.get() not client.iparam.get()
- if possible, please share the relevant code for us to help in a much better way
Regardless, I will try to address a few things that are specific to iparams usage.
-
client.iparams.get()
will get all the normal iparams. Secure iparams will not be fetched usingclient.iparams.get()
or byclient.iparams.get('<IPARAM_KEY>')
-
In order to fetch secure iparams, we need to make use of iparam templating. At this stage, templating works only with Request method. It won’t be possible to use templating in places other than the Request method. Also what @Niek_Knijnenburg (Hey there, welcome to the forum as well ! ) mentioned is also right . Secure iparams are substituted at the platform side. Attempting to log them will only show the template. It is one of the primary use-case & advantage of secure iparams
I can demonstrate that with a sample code which covers these scenarios
Here is my app.js
$(document).ready(function () {
app.initialized()
.then(function (_client) {
var client = _client;
client.events.on('app.activated',
function () {
//Getting all iparams
client.iparams.get()
.then(logData)
.catch(logError);
//Getting a normal iparam by its iparams.json property name
client.iparams.get("name")
.then(logData)
.catch(logError);
//Getting a *secure* iparam by its iparams.json property name
client.iparams.get("key")
.then(logData)
.catch(logError);
//Making an API call using iparam
client.request.get("https://engo9nxjcoml9.x.pipedream.net/<%= iparam.key %>",{},logData,logError);
});
});
});
function logData(i){
console.log(i);
}
function logError(e){
console.error("Whoops something went wrong!");
console.error(e);
}
Here is my iparams.json
{
"email": {
"display_name": "Email Address",
"description": "Please enter your email",
"type": "email",
"required": true
},
"name": {
"display_name": "Name",
"description": "Please enter your name",
"type": "text",
"required": true
},
"key": {
"display_name": "Key",
"description": "Please enter your API Key",
"type": "text",
"required": true,
"secure": true
}
}
This is my filled iparams page
When i run the app, here is the console output from the browser:
While making a Request method call using secure iparam,if I inspect my network tab, I still won’t be able to find out the values of secure iparams. If I was able to intercept, it would make sensitive information vulnerable!
But on the server-side, it will be able to receive the actual value of the iparams (as it gets substituted accordingly from the platform side)
Also, in case, if you are making use of OAuth, we have a feature for that as well in the platform side https://developers.freshdesk.com/v2/docs/oauth/
References: