The external OAuth clients page displays a list of Zendesk Marketplace apps and integrations that use external (global) OAuth tokens to authenticate and connect to your Zendesk account. These tokens are typically used by Marketplace apps that Zendesk admins install in their Zendesk instance. Developers of these apps must obtain a global OAuth client from Zendesk, which is then used to create global OAuth tokens (“external” tokens) for authenticating the app’s API requests across multiple Zendesk customers. For example, if you install a Marketplace app like Geckoboard in your Zendesk instance, the app uses a global OAuth token, and the corresponding client will appear on this page. This allows you to view all third-party integrations that are authorized to access your Zendesk account, regardless of which team member set them up. For more information about global OAuth clients, see Set up a global OAuth client.
Topics covered in this article:
Accessing the external OAuth clients page
You can access the external OAuth clients that have been granted access to your account.
To access the external OAuth clients page
-
In Admin Center, click
Apps and integrations in the sidebar, then select APIs > External OAuth clients.
A list of clients appears. It shows external OAuth client information including the client name, number of tokens, company name associated with the OAuth client, client identifier, and date last used.
Searching external OAuth clients
If you have a large number of external OAuth clients, or you need to locate clients that include a specific keyword, you can use the search feature.
To search for an external OAuth client
- In Admin Center, click
Apps and integrations in the sidebar, then select APIs > External OAuth clients.
- Enter your search term or keywords in the search bar.
As you type, the list displays external OAuth clients matching your search term.
Viewing external OAuth tokens
You can view tokens created for an external OAuth client, allowing you to monitor active tokens and identify those that may require revocation.
To view external OAuth tokens
- In Admin Center, click
Apps and integrations in the sidebar, then select APIs > External OAuth clients.
- Find the client in the list whose tokens you want to view.
- Click the options menu (
) next to the client and select View token.
A list of access tokens for the external OAuth client appears.
Viewing scopes for external OAuth tokens
Scopes are the permissions that define exactly what actions an app can perform or what data it can access on your behalf.
To view the scopes for an external OAuth token
- In Admin Center, click
Apps and integrations in the sidebar, then select APIs > External OAuth clients.
- Find the client in the list.
- Click the options menu (
) next to the client and select View token.
- Find the token you want to view for scopes.
- Click the options menu (
) next to the token and select View scope.
Viewing audit logs for external OAuth tokens (Enterprise)
On Enterprise plans, the audit log shows changes made to the token since it was created. For more information, see Viewing the audit log for changes to your account.
To view audit logs for an external OAuth token
- In Admin Center, click
Apps and integrations in the sidebar, then select APIs > External OAuth clients.
- Find the client in the list.
- Click the options menu (
) next to the client and select View token.
- Find the token you want to view for audit logs.
- Click the options menu (
) next to the token and select View audit logs.
Deleting external OAuth tokens
If you believe an external OAuth token has been compromised, or if you no longer need a token or think it might be lost or forgotten, it should be deleted. Deleting unused or potentially compromised tokens helps keep your account secure and organized. To completely revoke an integration’s access to your account, delete all tokens associated with that client. Team members can always reauthorize the integration later if needed.
To delete external OAuth tokens
- In Admin Center, click
Apps and integrations in the sidebar, then select APIs > External OAuth clients.
- Find the client in the list.
- Click the options menu (
) next to the client and select View token.
- To delete an individual token:
- Find the token you want to delete.
- Click the options menu (
) next to the token and select Delete.
- When a confirmation message appears, click Delete token.
- To delete multiple tokens:
- Select the tokens you want to delete.
- Click the options menu (
) next to any of the selected tokens and select Delete.