How can I change API client type without access token?

7 Kommentare

  • James Sanford

    Hey Aleksey!

    I see that you've reached out with an additional question regarding authentication with the Zendesk Chat API in Cannot access Zendesk Chat API if Chat created through Support.

    You would need to Generate a REST API token for integrated Chat accounts for authentication of these requests.  As it sounds like you may already be familiar with that requirement I believed it best to consolidate both of your questions into a single ticket so we can review these questions with you in greater detail.

    Please keep an eye out in your email for the ticket I have created for you - thanks!

  • Aleksey Kislov

    Hello James,

    So does it mean that in order to get API token via password grant type flow I first need to get API token via authorization code grant type flow? What is the reason for having password grant type flow if I cannot use it without creating a token with different method? 

  • James Sanford

    Hey Aleksey!

    I actually created a ticket for you so we can best review these questions with you :)

    Can you please check your email for the message from ticket #4043354 and send me a reply so we can best discuss this?


  • swathi gude

    Hey, I'm also facing similar issue, how to implement password grant type flow/Client Credentials grant type with out access tokens?


  • Nicole S.
    Zendesk Community Team

    Hi swathi - 

    I read through the ticket between James and Aleksey, and the conclusion was that tokens are required in order to accomplish this workflow. 

  • swathi gude

    Is there any way that i can generate token, by skipping browser "allow", button? I would like accomplish and get the token , every thing from my web api application

  • Bryan - Community Manager
    Zendesk Developer Support

    Hi swathi gude,

    First thing to know, password grant flow only works on what are called "Phase 1" (aka "Legacy Zendesk Chat"). This is because those accounts rely solely on a password-only login that do not integrate with Zendesk Support. See "This grant type is only supported on Chat-only accounts. It's not supported on Chat+Support accounts"

    Also see Determining your Zendesk Chat account version if you're not sure what Chat account type you have.

    If you do have a Phase 1 (and want to use password grant flow) or have a later account type and want to do a client_credentials grant flow, you need to go through a number of steps:

    1. Admin creates Chat OAuth client (Chat Settings/Account > API & SDKs)

    2. Admin generates access token against above OAuth client (can use the "implicit" grant flow under the "Complete the OAuth implicit grant flow to get the token" section to make this as easy as possible)

    3. Get ID of OAuth client from step 1 using token from step 2:

    curl -v -H "Content-Type: application/json" -H "Authorization: Bearer step2accesstokenhere"
    4. Admin updates the OAuth client in step 1 to be confidential using token from step 2:
    curl -v -H "Content-Type: application/json" -H "Authorization: Bearer step2accesstokenhere"{id_of_client_from_step1} -X PUT -d '{"client_type":"confidential"}'
    5. You can then generate a "client_credential" token:
    curl -H "Content-Type: application/x-www-form-urlencoded" -d 'grant_type=client_credentials&client_id=clientidofoauthclient&client_secret=clientsecretofoauthclient' -X POST
    Know that regardless of how you get an access token (whether password, client_credentials, or implicit), it's just an access token at that point. If you want to short-circuit things, you could just generate an access token using the implicit grant flow described in the above article and use that in your server-side app (i.e. pull it from an environment variable or something instead of dynamically generating it). Access tokens don't expire, so you wouldn't have to worry about regenerating. Just an idea. Hope this helps!

Bitte melden Sie sich an, um einen Kommentar zu hinterlassen.

Powered by Zendesk