API Call Node Security

API Call Node

In the Tidio platform, you can configure a Flow using the API Call Node. This feature allows you to automate certain actions by accessing data from web endpoints that you define. For example, when a visitor inquires about their order status, the Flow can prompt them to provide their Order Number. The configured Flow will then be triggered, and the Tidio backend will send a web request to your server to obtain the order information. You can select which data from the order information will be returned to the visitor.

Security Considerations

It is crucial to carefully decide what information you disclose to visitors. An imposter might request order details for an order they did not place, attempting to access other customers' order information. For instance, if you return sensitive information such as email addresses, phone numbers, names, or addresses, an attacker could enumerate Order Numbers to retrieve confidential data about your customers. This risk is heightened if you accept Order Numbers in a predictable format, such as sequential integers (e.g., 8123, 8124, 8125).

Recommendations

To mitigate these risks, we strongly advise you to:

  1. Limit Returned Information to Non-Sensitive Data: Configure your API Call Node to return only non-sensitive information, such as the order status (e.g., "shipped," "processing," "awaiting courier").
  2. Require an unpredictable identifier before returning sensitive information: If you need to return sensitive information, ensure that you require an unpredictable identifier before doing so. Instead of using predictable, incrementing Order Numbers, consider using unique identifiers in UUIDv4 format (e.g., 29c7be5f-0f9c-4264-a86e-6733beecf0d8, d425fc88-579c-4a91-a940-68c750db08ff). These IDs are random and cannot be easily guessed by attackers.
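
The following is an added illustration, not Tidio's code and not part of the original page, of how the endpoint on your own server might apply both recommendations. It contrasts a weak handler that looks orders up by sequential number and returns the whole record with a hardened handler that accepts only a well-formed UUIDv4 and returns an allow-listed set of non-sensitive fields. The order records, the `ORDERS` dictionary and the function names are constructed for the example.

```python
import uuid
from typing import Optional

# Constructed sample data (not real customer records). Each order carries a
# predictable sequential number and an unpredictable UUIDv4 identifier.
ORDERS = {
    "29c7be5f-0f9c-4264-a86e-6733beecf0d8": {
        "order_number": 8123,
        "status": "shipped",
        "email": "alice@example.com",
        "phone": "+1-555-0100",
        "address": "1 Example St",
    },
    "d425fc88-579c-4a91-a940-68c750db08ff": {
        "order_number": 8124,
        "status": "processing",
        "email": "bob@example.com",
        "phone": "+1-555-0101",
        "address": "2 Example Ave",
    },
}

# Fields that are safe to hand back to a chat visitor (recommendation 1).
PUBLIC_FIELDS = ("status",)


def weak_lookup(order_number: int) -> Optional[dict]:
    """Anti-pattern: look up by sequential number and return the whole record.

    Anyone who tries 8123, 8124, 8125, ... receives every customer's
    contact details. Shown only to contrast with safe_lookup below.
    """
    for record in ORDERS.values():
        if record["order_number"] == order_number:
            return dict(record)
    return None


def is_uuid4(value: str) -> bool:
    """True only if value is a canonical hyphenated UUID whose version is 4.

    uuid.UUID() also accepts braces, a urn: prefix and un-hyphenated hex, so
    the parsed value is compared back against the input to enforce the
    canonical 36-character form.
    """
    try:
        parsed = uuid.UUID(value)
    except (ValueError, AttributeError, TypeError):
        return False
    return parsed.version == 4 and str(parsed) == value.lower()


def safe_lookup(order_id: str) -> Optional[dict]:
    """Hardened handler (recommendations 1 and 2 combined).

    Requires an unpredictable UUIDv4 identifier and returns only the
    allow-listed non-sensitive fields, never the raw record.
    """
    if not is_uuid4(order_id):
        return None  # malformed input gets the same answer as "not found"
    record = ORDERS.get(order_id.lower())
    if record is None:
        return None
    return {key: record[key] for key in PUBLIC_FIELDS}


if __name__ == "__main__":
    # A guessed sequential number exposes contact data through the weak handler...
    print(weak_lookup(8123))
    # ...while the hardened handler rejects it and, given a valid UUIDv4,
    # returns only the order status.
    print(safe_lookup("8123"))
    print(safe_lookup("29c7be5f-0f9c-4264-a86e-6733beecf0d8"))
```

In a real deployment the allow-list in `PUBLIC_FIELDS` is the single place to review when you decide what the Flow may reveal; anything not listed there cannot reach the visitor even if the underlying record contains it.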

The same security considerations apply to other functionalities you may want to automate using the API Call Node.