ZENDESK: Community didn't work without enabled third party cookies
Answered
In my browser I've always disabled third party cookies (only third party cookies - not cookies at all). Why you are forcing customers to enable third party cookies for loging in to community?
-
Official comment
Hi Tayfun,
I am afraid that cookies are necessary to login into the Help Center and use Zendesk.
The authentication process for Zendesk is based on a cookie which is stored against the web browser used to login by the agent/ end-user.
Zendesk sets a cookie that is used to login the user again if the option "Stay signed-in" is enabled. This cookie will expire if it’s not used within roughly 2 weeks, but it will last forever if it keeps getting used.
In addition to this, against the web browser there are other cookies which are sent when logging in to the Help Center.
The cookies which are saved are from our Zendesk subdomain, zdassets.com where the HC assets are saved.
Zendesk security architecture ensures that each request to Zendesk is accompanied by user identity credentials to ensure segregation of customer data.
Zendesk maintains a robust application audit log, to include security events such as user logins or configuration changes. The Zendesk application utilises numerous framework level protections to help prevent Web application vulnerabilities such as cross-site request forgery (CSRF), cross-site scripting (XSS), or SQL injections. Additionally, Zendesk follows secure credential storage best practices by storing passwords using the bcrypt (salted) hash function.
Unfortunately, all the cookies which are sent during the login action would need to be accepted, for the authentication process to be performed.
Please find also more details at: https://www.zendesk.com/company/customers-partners/#cookie-policy
Thanks,Thomas
-
Hi,
I have created a ticket or this question in our support system. We will contact Zendesk and ask them.
Thanks, Naama
Please sign in to leave a comment.
Comments
2 comments