| Announced on | Rollout starts | Rollout ends |
| October 28, 2024 | December 5, 2024 | December 5, 2024 |
We’re announcing an upcoming update to the way that OAuth connections can be referenced within Zendesk Integration Services (ZIS) flows and custom actions.
This announcement includes the following topics:
What is changing?
Historically, developers using ZIS could reference the access token of an OAuth connection in a flow or custom action using the path $.connections.{oauth_connection_name}.access_token.
When Zendesk announced support for additional authentication methods in ZIS connections, we introduced a new way to make use of connections in ZIS actions with the connectionName property.
Until now, both referencing methods were supported. Going forward, bundles can no longer be uploaded or updated if they contain an OAuth access token reference path.
Why is Zendesk making this change?
This change will keep your credentials safer and further limits the opportunities for them to be exposed or captured by an attacker.
What do I need to do?
No immediate action is required, as flows currently running will continue to execute without issue. However, developers who are either creating a new bundle or updating an existing ZIS bundle must make sure to eliminate any references to an OAuth access token reference path. Instead, use the connectionName property to refer to the connection in your custom action definitions. For more information, refer to Using a connection to authenticate API requests in a ZIS flow.
If you have feedback or questions related to this announcement, visit our community forum where we collect and manage customer product feedback. For general assistance with your Zendesk products, contact Zendesk Customer Support.