How can I authenticate API requests?

Have more questions? Submit a request

25 Comments

  • Shlomi Cohen
    Comment actions Permalink

    The example only talk about username password . but more relevant is the format of the username/token:password , which is not that straight forward in basic auth.

    0
  • Dwight Bussman
    Comment actions Permalink

    Hi Shiomi,

    I believe what you're asking about is covered by the second part of the answer which starts "If using an API-token to perform that authentication..."

    Please let me know if I'm failing to understand your comment correctly so that I can help improve this article.

    Thanks!

    0
  • Shlomi Cohen
    Comment actions Permalink

    you are right , but i thought an example of such should be here as well. 

    for example for me it didn't work at the beginning just because my browser also sent the cookies and probably zendesk authenticated me through that.

    also , i started to wonder which part should be base64 encoded , eventually got  it but it was nice if it was clearer for example Authorization: Basic (base64encode(user@domain/token:token_value))

     

    0
  • Dwight Bussman
    Comment actions Permalink

    Thanks Shlomi!

    Our Developer Docs now include additional information about base-64 encoding this auth info:

    https://developer.zendesk.com/rest_api/docs/core/introduction#security-and-authentication

    Please let me know if this is clearer or if it could still use improvement.

    0
  • Tomer Ben Arye
    Comment actions Permalink

    Can you add this example of how to send it properly?

    Add an example of sending requests:

    session = requests.Session()
    session.headers = {'Content-Type': 'application/json', 'Authorization': 'Basic Basic_64_encoded_code'}

     

    0
  • Dwight Bussman
    Comment actions Permalink

    Hi Tomer,

    Sure - good suggestion! I was trying to keep this as language-agnostic as possible, but having an example in Python could be useful as many folks use that for scripting.

    0
  • Matt Berry
    Comment actions Permalink

    If I log into Zendesk with Google authentication, not my own Zendesk username and password, can I still use the API?

    1
  • Dwight Bussman
    Comment actions Permalink

    Hi Matt,

    You'll need to create Zendesk credentials in order to authenticate API requests (or use an API/Oauth token). Google authentication will not work with the API.

    1
  • Yamile Martinez
    Comment actions Permalink

    When trying to Authenticate a URL Target; i am getting a 401 Error which is 

    "error": "Couldn't authenticate you"

    I am editting the URL Target through Zendesk Settings/Extensions to include in the
    Basic Authentication what i decoded the user:password.

    When i populate the user and Password (api token) it still gives me the same error.

    Can anyone help?
    Thanks,
    Yami
    0
  • Dwight Bussman
    Comment actions Permalink

    Hi Yamile,

    I'm happy to reach out to you in a ticket to get more details about your workflow, but I suspect this may be related to how the user and token are being passed over.

    In order to leverage the API token in the basic authentication, you'll want to have the username look like this:


    Where the "/token" is appended after the user's email address, and the API token itself is put into the password field.  Please let me know if this helps to resolve this issue for you, or if you'd like me to create a ticket to look into this further.

    0
  • Yamile Martinez
    Comment actions Permalink

    Hi Dwight,

    Yes, open a ticket.  I just tried what you suggested and i am still getting the same error (401) 

    "error": "Couldn't authenticate you"

    Thanks,

    Yami

    0
  • Priscila Giatti
    Comment actions Permalink

    Hi Dwight,

    I am having the same issue, wondering how the above was fixed?

    Thank you!

    Priscila 

    0
  • Dwight Bussman
    Comment actions Permalink

    Hi Priscila,

    The above issue appeared to be the result of a formatting issue within the target authentication values. I'll raise a ticket to work with you to resolve this matter on your account.

    0
  • Anant Khanna
    Comment actions Permalink

    Hi Dwight,

    Many thanks for all the information.

    Is it possible to gain access to a zendesk sandbox?

    I am trying to send a request to Zendesk from NAV (2017) but am hitting the error: 

    "The request was aborted: Could not create SSL/TLS secure channel."

    I am setting the username/password as the format given in the Zendesk API. Any help would be much appreciated.

    Thanks

    0
  • Dwight Bussman
    Comment actions Permalink

    Hi Anant,

    I'd be happy to look into this more closely in a ticket so we can discuss things more privately. I can then report back on our findings to this thread for the good of the community. I'll be reaching out to you in such a ticket shortly.

    0
  • Brian Gilman
    Comment actions Permalink

    Hi, I'm having a similar auth issue.  My format for the basic auth settings is as follows:

     

    Username: email@email.com/token

    Password: token

    Getting a 401 Error, unable to authenticate you.  Any help would be appreciated!

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hey Brian,

    Could you try making an API request using the developer console here: Zendesk Developer Portal

    I'm curious to know if you receive the same error.

    Let me know!

    0
  • Brian Gilman
    Comment actions Permalink

    Thanks Brett!  The PUT request successfully updated the ticket using the API Console

    0
  • Brett - Community Manager
    Comment actions Permalink

    Glad to hear it Brian :)

    Sounds like it could be an issue with the client you're using to make the API call.

    0
  • Chi Hoang
    Comment actions Permalink

    Hi Dwight,

    I have a perl script that running fine until last week.

    I receive the error "http status: 401  Unauthorized"

    Ticket is created 4927775.  Can you point me to some php or perl examples?

    Thanks

    0
  • Peter Wong
    Comment actions Permalink

    Hi Dwight,

     

    How about JWT? Can I put the JWT in the authentication header to authenticate API request?

     

    Thanks.

    0
  • Dwight Bussman
    Comment actions Permalink

    Hi Peter,

    We currently allow 3 methods of authentication:

    • Zendesk credentials
    • API token
    • Oauth token

    While we allow JWT to authenticate your user logging into Zendesk, we do not currently support using SSO to authenticate API requests.

    For more information on how to pass the above forms of authentication to our API, please see this article: https://developer.zendesk.com/rest_api/docs/support/introduction#security-and-authentication 

     

    Hi Chi - it appears the ticket you mentioned above has been resolved. Glad you were able to get to the bottom of that.

    0
  • Peter Wong
    Comment actions Permalink

    Hi Dwight,

     

    If I want to have an OAuth Token with expire time (e.g. 2 hours), how can I do it?

    Thanks!

     

    0
  • Dwight Bussman
    Comment actions Permalink

    Hi Peter,

    I'm not aware of us allowing the time-based expiration of access tokens. They would have to be manually revoked using https://developer.zendesk.com/rest_api/docs/support/oauth_tokens#revoke-token

    0
  • Nicole - Community Manager
    Comment actions Permalink

    asm

    0

Please sign in to leave a comment.

Powered by Zendesk