Problem
Today, our webhooks send the entire payload to systems. This presents no issues if the system is a government system. However, for webhooks to 3rd party apps, officers have fears that 3rd party apps have access to all the submissions and are generally discouraged from connecting FormSG to apps like Zapier, Google Sheets etc. This is not great as some of these commercial apps are very powerful and beneficial.
Solution
My suggestion is to allow form admins to control what data goes to 3rd party apps within the webhook setting. In most cases, an admin collects more data than required because they need different pieces of data for different reasons. For instance, the officer may need details like name and date for processing. However, the same workflow may not need information like NRIC, address details, phone number. Some of these additional details are captured for their own reference so they could be used in other situations (e.g. contacting the MOP).
Limitations from discussions:
With E2EE, the submission payload is stored as a singular binary blob, so we cannot dig into the response to select a subset of data to send in the webhook. If we really wanted to group the data into publishable and private "groups", we'd need a big rethink and rewrite on how data is being processed and stored in FormSG.