Zendesk Support product help forum Zendesk Chat product help forum Zendesk Talk product help forum Zendesk Guide product help forum Zendesk help forum Zendesk Explore help forum Outbound by Zendesk product help forum
  1. Zendesk Develop
  2. Zendesk APIs
  3. REST API tutorials

Creating and using OAuth tokens with the API Follow

Avatar
Charles Nadeau
Updated

Zendesk provides 3 ways of authenticating API requests:

  • basic authentication with a username and password
  • API token
  • OAuth access token

You normally opt for OAuth tokens when you need users to grant your application access to their accounts. This involves building an OAuth authorization flow.

You can also use OAuth tokens for other types of requests that don't require user authorization. For example, you might use them in applications used by internal staff or by the general public. Using OAuth tokens for authentication doesn't tie the requests to a specific username and password, and it offers more control and security than plain API tokens.

The following example is a request that uses an OAuth token for authentication:

curl https://obscura.zendesk.com/api/v2/users.json \
  -H "Authorization: Bearer 52d7ef4ee01e2c2c75bff572f957cd4f12d6225eee07ea2f01d01a"

The article describes the steps to create an OAuth access token with the API:

  1. Create an OAuth client
  2. Get the id of the new client
  3. Use the client id to get an access token
  4. Use the token in requests

Create an OAuth client

  1. In Zendesk Support, select Admin > Channels > API > OAuth Clients.
  2. Complete the form. See Registering your application with Zendesk for details.

Get the client ID

Use the List Clients endpoint to get the id of your new client.

Request

curl https://{subdomain}.example.zendesk.com/api/v2/oauth/clients.json \
  -v -u {email_address}:{password}

Response

{"clients":
  [
    {
      "name": "OAuth client for my app",
      "id": 50328,
      "user_id": 293241756,
      ...
    },
    ...
  ]
}

Create the access token

Use the client id in the Create Token endpoint to get an access token.

Request

curl https://{subdomain}.zendesk.com/api/v2/oauth/tokens.json \
  -d '{"token": {"client_id": "50328", "scopes": ["read", "write"]}}' \
  -H "Content-Type: application/json" \
  -X POST -v -u {email_address}:{password}

Learn more about scopes in Setting the scope in the Zendesk Support Help Center.

Response

{"token":
  {
    "full_token":"52d7ef4ee01e2c2c75bff572f957cd4f12d6225eee07ea2f01d01a",
    "scopes":["read","write"],
    ...
  }
}

The full_token property specifies the access token. Keep the value in a safe place.

Use the access token in requests

Use the access token in an Authorization header in your requests. Example:

curl https://{subdomain}.zendesk.com/api/v2/users.json \
  -H "Authorization: Bearer 52d7ef4ee01e2c2c75bff572f957cd4f12d6225eee07ea2f01d01a"

In cURL, the -H flag indicates a header field.

Comments

0 comments

Please sign in to leave a comment.

Related Articles

Related articles

Powered by Zendesk