I'm looking to make an API request using the Zendesk CORE API. How can I send my user credentials to authenticate that request?
Zendesk uses Basic authentication sent within the headers of an API request. We do not process credentials sent in the payload (body) or URL.
The authorization header should be formatted as follows:
- Authorization: "Basic (base-64-encoded username:PASSWORD_HERE)"
If using an API-token to perform that authentication, the authorization header would look like this:
- Authorization: "Basic (base-64-encoded username/token:API_TOKEN_HERE)"
If you'd like to see exactly what's being sent by your app, you can use a page like http://requestb.in/ to see what's coming over. It may be helpful to compare your headers to those being generated by an HTTP target using basic authentication. You can point an HTTP target to the same requestb.in page and choose Test Target to see this in action:
Here's what that'll look like within your Zendesk:
Once that hits your requestb.in, it'll show up like this:
The string following "Authorization: Basic" is dXNlckBlbWFpbC5jb206b3BlbnNlc2FtZQ==
This is the base64-encoded version of the username/password. To de-code that manually, head to a page like https://www.base64decode.org/, paste the string into the upper box, and click "Decode":
I would love feedback on this article. If you find it unhelpful, please leave a comment so that it can be improved!