Skip to main content

v1.2.2 -- Zendesk Read-Only Mode

Configly Support

v1.2.2 -- Zendesk Read-Only Mode

This release introduces Zendesk Read-Only Mode, so you can install Configly without granting write access to your Zendesk instance. It also ships a batch of security and infrastructure hardening: dependency patches, stricter database TLS, improved token handling on disconnect, and tighter error reporting.

Added:

  • Zendesk Read-Only Mode -- connect Configly to your Zendesk with read-only OAuth scope. Configly can still snapshot, diff, map dependencies, run health checks, analyse with AI, and export to GitHub. Write-capable features (Apply Changes, GitHub push-back) are disabled until you upgrade.
  • Mode selector on new connections -- choose Read-Only or Read/Write when connecting a Zendesk instance. Read-Only is the recommended default for first-time connections.
  • One-click Upgrade and Downgrade -- change a connection's scope from the Connections page. Upgrades take you through Zendesk's consent screen for the new scope. Downgrades re-authorise at read-only scope and preserve your connection history.
  • Connection mode indicators -- every connection on the Connections page shows its current OAuth scope (Read-Only, Read + Write, or Full Access for API-token connections) via a clear badge.

Changed:

  • Apply Changes disabled state -- on Read-Only connections, the Apply to Zendesk action in What-If Mode is disabled with a clear prompt to upgrade the connection if you want to apply changes.

Security:

  • Zendesk token revocation on disconnect -- when you disconnect a Zendesk instance from Configly, the OAuth token is now explicitly revoked at Zendesk as part of the disconnect, matching the existing GitHub disconnect behaviour.
  • Zendesk traffic identifiable in audit logs -- Configly's backend now sends a User-Agent: Configly/<version> header on every Zendesk API call, so you can filter your Zendesk HTTP request logs for Configly traffic specifically.
  • PII stripped from error reporting -- session cookies and user email addresses are scrubbed from error events before they reach our observability tooling.
  • Internal infrastructure hardening -- database connections now enforce TLS (sslmode=require) at the application layer.
  • Security updates to underlying dependencies -- routine patching of npm packages across the product.

For background on Read-Only Mode, see Zendesk Read-Only Mode. For full OAuth scope detail, see the Configly Trust page.

Related articles

Comments

0 comments

Please sign in to leave a comment.