The customer query is to want no longer manually add IP addresses on the Salesforce side every time we re-authorize or update our app. The Static IP address should use the IPs which is shown in this Documentation - Request Method.
Can you please confirm if we can Authorize the app using only the IP address given in the Documentation based on the Data region, or are there any other IP addresses they will need to whitelist?
Remarks by the SI partner are that they will not be able to force the IP address based on the Documentation but will be able to work the IP address on the conversation side.
Thanks for initiating this thread @Param. We will have a bunch of follow-up questions for the partner developer. It would be ideal if they were invited to respond to the same here.
For example -
- Does the app use the static ip feature of the platform when making API requests to Salesforce?
- What does the partner mean when they say they will not be able to force the IP addresses?
- What do they mean when they say they will be able to work the IP address on the conversation side?
- What does this app try to do?
- Where are the IP addresses whitelisted today?
There will be more as we learn more about this app and its setup.
Thank you, Satwik, for pitching this query. I have shared this link to the devs to pitching in.
Please find the information below:
*Yes. The app uses the IP address mentioned to sync information with the Salesforce app.
*So they had mentioned that they will not be able to control the IP information when updating the Custom app in Freshchat.
*The app created in the customer’s account is used to Pass the Conversation and user information when the chat is resolved and show articles in the Freshchat conversation. Here, we can make API calls via the IP address mentioned in this document - Request Method.
*The IP address is whitelisted in the Salesforce application for security reasons.
Adding more information that L2 Dev team had mentioned is -OAuth Authorization/Refresh calls do not go through static IP, and whitelisting static IP is a feature available only for request methods.
@satwik Just checking if you have received this information.
I believe this is a feature request, in that we don’t support IP whitelisting for the token exchange/refresh calls. Thanks for expanding on that @Param . Let me get the attention of our product team on this.
@satwik Great. Glad the inforamtion was helpful.
Can you clarify that you will be creating a Feature request with your team or I should reach out to the team for an Feature request?
@Param I have forwarded this to the right people. Let’s give them a day or so to get back to us.
@satwik Thank you for the prompt response.
Looking forward to hearing from you
Just reaching out to check if there is any updates on this case.
Hi @satwik ,
Bumping this to get an update.
Hi @Param ,
Thanks for your patience and apologies for delay in providing you an update.
The need to support IP whitelisting for token exchange/refresh calls as a difficulty has emerged for couple of other apps as well. I have captured this as a feature request for our team to solve. I will update this thread as soon as I have an ETA on this.
Hi @Param ,
Can you also share with which app we are doing Oauth hand-shake , I believe OAuth hand shake is involved with third party apps other than freshworks platform.
It would be great if you share details of apps and details.