How can I authenticate API requests?

Return to top
Have more questions? Submit a request

57 Comments

  • Dwight Bussman
    Zendesk team member

    Hi Matt,

    You'll need to create Zendesk credentials in order to authenticate API requests (or use an API/Oauth token). Google authentication will not work with the API.

    2
  • Marco

    That's fixed it thank you!

    1
  • Dwight Bussman
    Zendesk team member

    Hi Marco,

    Apologies - I should've clarified better. You'll need to base-64 encode your email/token:TOKEN and use that within the authorization header.

    So if your credentials look like this:

    email@email.co.uk/token:token_value_here

    the base-64 encoded version would look like this:

    ZW1haWxAZW1haWwuY28udWsvdG9rZW46dG9rZW5fdmFsdWVfaGVyZQ==

    and the auth header would look like this:

    'Authorization: Basic ZW1haWxAZW1haWwuY28udWsvdG9rZW46dG9rZW5fdmFsdWVfaGVyZQ=='


    There are a number of tools to do that base-64 encoding. Here's a website that describes how to do so from the command-line: https://scottlinux.com/2012/09/01/encode-or-decode-base64-from-the-command-line/ 

    There are also online sites on which this can be done if you're not worried about security of the credentials involved: https://www.base64encode.org/ 

     

    If you're still having difficulty with this, please raise a ticket with our support team so we can take a closer look at logs for your account.

    1
  • Matt Berry

    If I log into Zendesk with Google authentication, not my own Zendesk username and password, can I still use the API?

    1
  • Dwight Bussman
    Zendesk team member

    Hi Saori,

    It looks like Password Access is disabled for your account. Could you please head into Admin > Channels > API > Settings and confirm that the password-access switch is flipped on? 

    I suspect the Help Center page works because it can return results un-authenticated, so it's ignoring the username/password.

    1
  • Brett Bowser
    Zendesk Community Team

    Hey Brian,

    Could you try making an API request using the developer console here: Zendesk Developer Portal

    I'm curious to know if you receive the same error.

    Let me know!

    1
  • Bryan - Community Manager
    Zendesk Developer Support

    Hello C. Taf,

    There have been requests for additional means to authenticate (such as a JWT/Authorization header approach). However, the three approaches mentioned in the above article are the only ones currently available for straight API requests (i.e. ones that do not rely on a session cookie from a Support agent login).

    Keep in mind, too, that when using an API token, it should only be used by a server-side solution as you want to keep the token secure and not expose it client-side. 

    While this isn't the answer I'm sure you were hoping for, I wanted to set current expectations, so you can determine what the best next steps might be.

    0
  • Dwight Bussman
    Zendesk team member

    Hi Shiomi,

    I believe what you're asking about is covered by the second part of the answer which starts "If using an API-token to perform that authentication..."

    Please let me know if I'm failing to understand your comment correctly so that I can help improve this article.

    Thanks!

    0
  • Dwight Bussman
    Zendesk team member

    Thanks Shlomi!

    Our Developer Docs now include additional information about base-64 encoding this auth info:

    https://developer.zendesk.com/rest_api/docs/core/introduction#security-and-authentication

    Please let me know if this is clearer or if it could still use improvement.

    0
  • Brett Bowser
    Zendesk Community Team

    Glad to hear it Brian :)

    Sounds like it could be an issue with the client you're using to make the API call.

    0
  • C. Taf

    Thanks for your response, however, we weren't seeking an additional JWT-enabled mechanism for authenticating API requests (though this would be great, and again reading between the lines does appear to be an option with the widget). Authentication in general is not the issue (and of course the API token is kept server-side) as we are successfully querying the API. 

    The issue is that attachment content URLs return a 302 when utilizing an SSO implementation. 

    0
  • Dwight Bussman
    Zendesk team member

    Hi Tomer,

    Sure - good suggestion! I was trying to keep this as language-agnostic as possible, but having an example in Python could be useful as many folks use that for scripting.

    0
  • Peter Wong

    Hi Dwight,

     

    How about JWT? Can I put the JWT in the authentication header to authenticate API request?

     

    Thanks.

    0
  • Shlomi Cohen

    The example only talk about username password . but more relevant is the format of the username/token:password , which is not that straight forward in basic auth.

    0
  • Dwight Bussman
    Zendesk team member

    Hi Marco,

    Could you try base-64 encoding that username/token:XXXX string as described in https://developer.zendesk.com/rest_api/docs/support/introduction#basic-authentication

    to see if that works better?

    0
  • Brian Gilman

    Hi, I'm having a similar auth issue.  My format for the basic auth settings is as follows:

     

    Username: email@email.com/token

    Password: token

    Getting a 401 Error, unable to authenticate you.  Any help would be appreciated!

    0
  • Tomer Ben Arye

    Hey Devan,

    My post was a code to all the other people here, that were struggling to make it happen....

    So, my code works fine, but you're right, I didn't include a proper "header" for it.
    TL;DR,
    If someone has an issue sending a base64 encoded API_Token, he can use my few lines of scripts to do so.

     

    0
  • Nicole S.
    Zendesk Community Team

    asm

    0
  • Dwight Bussman
    Zendesk team member

    HeyO Lavender Song,

    When testing this using a target payload as follows:

    {
    "target": {
    "title": "Target created from API",
    "type": "url_target_v2",
    "active": true,
    "method": "POST",
    "username": "user@example.com",
    "content_type": "application/json",
    "password": "somethingsecret",
    "target_url": "https://hookb.in/xxxxxxxxx"
    }
    }

    I see the following response:

    This means that the API call is ignoring that password parameter. I'm reaching out to the team in charge of Targets to see if there's another way to pass that in when creating a target, or if this is an intended limitation. I'll let you know what I hear back

    0
  • Anant Khanna

    Hi Dwight,

    Many thanks for all the information.

    Is it possible to gain access to a zendesk sandbox?

    I am trying to send a request to Zendesk from NAV (2017) but am hitting the error: 

    "The request was aborted: Could not create SSL/TLS secure channel."

    I am setting the username/password as the format given in the Zendesk API. Any help would be much appreciated.

    Thanks

    0
  • Bryan - Community Manager
    Zendesk Developer Support

    I see you created a new post C. Taf, so will pick things up over there.

    0
  • Peter Wong

    Hi Dwight,

     

    If I want to have an OAuth Token with expire time (e.g. 2 hours), how can I do it?

    Thanks!

     

    0
  • Yawei

    Is that mean if user does not have email we only can use OAuth to do authentication

    0
  • Dwight Bussman
    Zendesk team member

    Hi Yamile,

    I'm happy to reach out to you in a ticket to get more details about your workflow, but I suspect this may be related to how the user and token are being passed over.

    In order to leverage the API token in the basic authentication, you'll want to have the username look like this:


    Where the "/token" is appended after the user's email address, and the API token itself is put into the password field.  Please let me know if this helps to resolve this issue for you, or if you'd like me to create a ticket to look into this further.

    0
  • Tomer Ben Arye

    Many questions raised here before me, for the last 2 years.

    If someone has an issue sending a base64 encoded API_Token, he can use my few lines of scripts to do so.

     

    Python3:

    import base64
    import requests

    email = input("Enter your Zendesk email: ").lower()
    api_token = input("Enter your Zendesk API token: ")
    full_string = email + '/token:' + api_token
    encoded_string = base64.b64encode(full_string.encode())
    session = requests.Session()
    session.headers = {'Content-Type': 'application/json', 'Authorization': 'Basic ' + encoded_string.decode()}

    response = session.get(url)
    data = response.json()

     

    0
  • Taiyaba Quraishi

    Hi Dwight Bussman

    I have the same issue. I have opened a ticket #5239243. It worked on 'https://developer.zendesk.com/requests/new' but still not working through postman.

    0
  • Dwight Bussman
    Zendesk team member

    Thanks for bringing this to our attention. Our Developers have just released code which resolves this issue of the password being stripped out when creating targets via the API.

    Dwight B. | Customer Advocate | support@zendesk.com

    Zendesk Experience Research Panel

    0
  • Dwight Bussman
    Zendesk team member

    Hi Priscila,

    The above issue appeared to be the result of a formatting issue within the target authentication values. I'll raise a ticket to work with you to resolve this matter on your account.

    0
  • Brett Bowser
    Zendesk Community Team

    Hey Cem,

    You can create a trial account by navigating to https://www.zendesk.com/register and entering your information there.

    I hope this helps!

    0
  • Tomer Ben Arye

    Can you add this example of how to send it properly?

    Add an example of sending requests:

    session = requests.Session()
    session.headers = {'Content-Type': 'application/json', 'Authorization': 'Basic Basic_64_encoded_code'}

     

    0

Please sign in to leave a comment.

Powered by Zendesk