Private requests appearing in portal

james · 2010-07-15 04:12:16 UTC

We’re using the API to create private requests for clients to initiate back-office processes that we don’t want them to see. The API creates the request and populates the customer ID and email address - this is needed for the support teams.

We’re using black box authentication on the portal - when a client logs in they’re seeing a complete list of requests, including the internal requests we’ve created. The ‘request history’ page is displaying these private requests and the full contents of the (private) note is displayed.

Any work-arounds?

ian · 2010-07-15 17:08:42 UTC

Hi James,

It sounds like something if funny there, maybe the requests are actually being marked as public in your API call? Can you post your api code or email it in?

james · 2010-07-16 01:14:29 UTC

It’s vb.net, here’s an extract of the parameters:

        With params
            .Add("tNote", Message & vbCrLf & vbCrLf & "** SYSTEM GENERATED MESSAGE **")
            .Add("xCategory", Category)
            .Add("xPersonAssignedTo", AssignTo)
            .Add("fNoteType", 0)
            .Add("sUserId", UserName)
            .Add("sFirstName", FirstName)
            .Add("sLastName", LastName)
            .Add("sPhone", Phone)
            .Add("sEmail", Email)
            .Add("email_from", 0)
        End With
        Return SendData("private.request.create", params)

ian · 2010-07-19 14:17:37 UTC

That looks OK. I’m not aware of any bugs in that area. Is every note you add with the API available on the portal?