Hello,
I am dealing with a problem right now related to the API functionality of Freshdesk. In our application it's possible to add a note to a ticket, this sends a HttpRequest through the API functionality Freshdesk offers.
The problem is that whenever a regular user of the platform tries to add a note to a ticket, the request will be denied. (403 error). They are supposedly not allowed to do this, meanwhile customers are able to do this in the customer portal of Freshdesk.
The problem above only occurs when adding the UserID as a parameter. If I omit that then the note will get added succesfully, altough there won't be a source of whom added the note. The issue also doesn't show up if the acting user adding the note is also an active agent inside Freshdesk.
What can I do here to let customers add notes through the API?
I don't think this shouldn't be allowed since customers are able to add notes to tickets through other sources, like e-mail or from the customer portal.
For what it is worth: the plan we have is a Growth-plan.
The API-call also sets the ‘private’ attribute to false since customers can't add private notes.