streamlineworks
All posts
·12 min read·The streamlineworks team

Building a Freshdesk custom app: the things the docs don't tell you

If you're about to ship a Freshworks custom app, here are the six gotchas we wish someone had warned us about.

engineeringfreshdesk

The Freshworks Developer Platform docs are good. They are also, like most platform docs, optimistic.

After shipping 40+ custom apps, here are the things we now check on every project — before we write a line of code.

1. The iframe sandbox is stricter than you think You'll get bitten on cookies, on third-party fonts, and on anything that wants `SameSite=None; Secure`. Plan to ship your assets from a CDN with a trusted certificate, and avoid anything that requires `top.window` access.

2. The data API rate limits are per-app, not per-account This means a single noisy app can throttle every other custom app on the same Freshworks tenant. Always implement client-side rate limiting before relying on server-side enforcement.

(...placeholder body continues.)

Stop waiting for Freshworks to ship it.

Tell us the workflow that's costing your team time. We'll have a working prototype in your hands inside two weeks.

Book a discovery callfounders@streamlineworks.io