Freshdesk: set_options_post_auth not firing — subdomain validation and base64 token construction broken
Problem
The Freshdesk connection relies on set_options_post_auth to:
- Validate and sanitize the
subdomain option
- Construct the base64 authentication token (
btoa(apiKey + ':X'))
- Build the full API URL
However, set_options_post_auth is not firing. As a result:
- The
token connection option is never populated
- The subdomain is never validated
- API calls fail because there is no usable auth token
Why This Matters
Without the function firing:
- No auth token — the
token field in conn_opts remains empty, so all API requests that use Authorization: Bearer ${token} fail
- No subdomain validation — users can enter invalid values (e.g., full URLs like
mycompany.freshdesk.com instead of just mycompany), leading to malformed URLs like https://mycompany.freshdesk.com.freshdesk.com
- Connection ping succeeds or fails silently — the health check at
GET /api/v2/agents/me may not use the token at all if the header isn't set up correctly
Current Implementation
In src/apps/freshdesk/index.ts:
rest: {
url: 'https://{{subdomain}}.freshdesk.com',
oauth2_grant_type: 'none',
ping_path: '/api/v2/agents/me',
},
rest_modifiers: {
options: FRESHDESK_CONN_OPTIONS,
required_options: 'subdomain,apiKey',
url_template_options: ['subdomain'],
set_options_post_auth: (context) => {
// This function is NOT being called
const subdomain = context.conn_opts?.subdomain;
const apiKey = context.conn_opts?.apiKey;
if (!subdomain || !apiKey) {
throw new Error('Subdomain and API Key are required');
}
return {
url: `https://${subdomain}.freshdesk.com`,
apiKey,
subdomain,
token: btoa(`${apiKey}:X`),
};
},
},Requirements
A function is needed that runs:
- On connection creation
- After connection options are changed
This function must:
-
Sanitize the subdomain
- Trim whitespace
- Strip
https://, http://, and .freshdesk.com if the user accidentally includes them
- Validate the value contains only valid subdomain characters (alphanumeric + hyphens)
- Return a clear error if the subdomain is invalid
-
Build the base64 auth token
- Encode
apiKey:X as base64 (Freshdesk convention — X is a dummy password)
- Store as
token in connection options
-
Verify the connection works
- Optionally make a test request to confirm the subdomain and API key are valid
Possible Solutions
-
Investigate why set_options_post_auth isn't firing — It may be related to the oauth2_grant_type: 'none' configuration, or an interaction with url_template_options. Other non-OAuth apps like Active Campaign and Mautic also use set_options_post_auth with oauth2_grant_type: 'none', but they also use url_from_option which may trigger the function differently.
-
Add set_options_post_auth_code — This variant is used by Trello, Slack, and ZohoCRM to run the same logic both after OAuth auth and after option changes. Assigning the same function to both set_options_post_auth and set_options_post_auth_code ensures it runs in all scenarios.
-
Use connection_update_option — This modifier (used by DocuSign) fires when a specific option value changes. It could be used to re-validate and reconstruct the URL/token when subdomain or apiKey changes.
Additional Note
Verify that the auth header type is correct. Freshdesk API documentation specifies Basic authentication (Authorization: Basic <base64>). The current implementation sends the token as a Bearer token. If the Qore platform handles the Basic auth header construction automatically from the token option, this may be fine — otherwise it needs to be corrected.
Relevant Files
Reference Patterns
Freshdesk:
set_options_post_authnot firing — subdomain validation and base64 token construction brokenProblem
The Freshdesk connection relies on
set_options_post_authto:subdomainoptionbtoa(apiKey + ':X'))However,
set_options_post_authis not firing. As a result:tokenconnection option is never populatedWhy This Matters
Without the function firing:
tokenfield inconn_optsremains empty, so all API requests that useAuthorization: Bearer ${token}failmycompany.freshdesk.cominstead of justmycompany), leading to malformed URLs likehttps://mycompany.freshdesk.com.freshdesk.comGET /api/v2/agents/memay not use the token at all if the header isn't set up correctlyCurrent Implementation
In
src/apps/freshdesk/index.ts:Requirements
A function is needed that runs:
This function must:
Sanitize the subdomain
https://,http://, and.freshdesk.comif the user accidentally includes themBuild the base64 auth token
apiKey:Xas base64 (Freshdesk convention —Xis a dummy password)tokenin connection optionsVerify the connection works
Possible Solutions
Investigate why
set_options_post_authisn't firing — It may be related to theoauth2_grant_type: 'none'configuration, or an interaction withurl_template_options. Other non-OAuth apps like Active Campaign and Mautic also useset_options_post_authwithoauth2_grant_type: 'none', but they also useurl_from_optionwhich may trigger the function differently.Add
set_options_post_auth_code— This variant is used by Trello, Slack, and ZohoCRM to run the same logic both after OAuth auth and after option changes. Assigning the same function to bothset_options_post_authandset_options_post_auth_codeensures it runs in all scenarios.Use
connection_update_option— This modifier (used by DocuSign) fires when a specific option value changes. It could be used to re-validate and reconstruct the URL/token whensubdomainorapiKeychanges.Additional Note
Verify that the auth header type is correct. Freshdesk API documentation specifies Basic authentication (
Authorization: Basic <base64>). The current implementation sends the token as a Bearer token. If the Qore platform handles the Basic auth header construction automatically from thetokenoption, this may be fine — otherwise it needs to be corrected.Relevant Files
src/apps/freshdesk/index.ts— App config withset_options_post_authsrc/apps/freshdesk/conn-options.ts— Connection option definitions (subdomain,apiKey,url,token)src/apps/freshdesk/helpers/constants.ts—fetchFreshdeskAllowedValueshelper usingAuthorization: Bearer ${token}Reference Patterns
src/apps/trello/index.ts) — ExtractssetOptionsPostAuthand assigns to bothset_options_post_authandset_options_post_auth_codesrc/apps/esignature/index.ts) — Usesconnection_update_optionto react to option changessrc/apps/active-campaign/index.ts) — Non-OAuth app withset_options_post_auth+url_from_option