Managing 2-factor authentication Follow

all plans

2-factor authentication provides another layer of security to your Zendesk account by requiring agents and administrators to provide an expirable passcode when signing in.

2-factor authentication can be used by any agent or administrator who signs in to your Zendesk using Zendesk authentication. It's not available for agents or administrators who sign in using third-party authentication such as Google authentication services, JWT, or SAML. However, these users might still be able to use third-party 2-factor authentication such as Google 2-Step Verification if you're using Google authentication.

You can require 2-factor authentication for all agents and administrators, or each agent or administrator can set up 2-factor authentication for his or her own use.

You can use 2-factor-authentication on the Zendesk website or with the Zendesk iOS or Android apps. However, the Zendesk REST API doesn't currently support 2-factor authentication. See Using the API when 2-factor authentication is enabled in the Developers guide.

Requiring 2-factor authentication on the account

You can require 2-factor authentication for all agents and administrators, Once this setting is enabled, all admins and agents will be required to set up two-factor authentication the next time they sign in. We recommend sending them a notification with a link to the Using 2-factor authentication article in the Agents guide.

Note: Requiring 2-factor authentication disables password-based authentication to the Zendesk API.

To require 2-factor authentication

  1. In Zendesk Support, go to Admin > Settings > Security, and click the Global tab.
  2. Scroll to the Two-factor Authentication setting and select Enabled.
  3. Click Save.

Tracking who's using 2-factor authentication

You can generate a CSV spreadsheet listing all the admins and agents in your account and whether or not they're using 2-factor authentication.

  1. In Zendesk Support, go to Admin > Settings > Security, and click the Global tab.
  2. Scroll to the Two-factor Authentication setting and click the link, Export two-factor authentication status for admins and agents.
  3. Check your Zendesk email. You should get an email shortly with a link to download the spreadsheet.

Getting a recovery code for somebody else

If an agent or admin exhausts or loses their recovery codes and can't sign in, you can generate a recovery code for them.

  1. Locate and open the user's profile page. In Zendesk Support, go to Admin > Manage > People, then select the admin or agent.
  2. On the user's profile page, open the Security Settings tab and click the Show Recovery Code link.
  3. Copy the code and send it to the agent or admin.
Have more questions? Submit a request

Please sign in to leave a comment.

Powered by Zendesk