Recent searches
No recent searches
How can I authenticate API requests made by my ticket sidebar app?
Posted Sep 12, 2024
I'm working on a ticket sidebar app that gets data from our self-hosted API endpoints. Is there a way to verify that the data requested is from one of our ZenDesk users?
I see that requests have JWT tokens in the X-Zendesk-AuthN header, but there's no documentation on how to validate them.
There is an option for signed URLs. However, this only applies to the initial connection and not to calls made from the app itself.
What is best practice here? ZenDesk is providing a lot of great information in their requests, but there's no great way to validate it.
0
2
2 comments
Jared Fowkes
I ended up using IP authentication using the IPs listed in the API endpoint listed below.
https://developer.zendesk.com/api-reference/ticketing/account-configuration/public_ips/
This is not ideal but seems to be a reasonable solution.
0
Jared Fowkes
I ended up using IP authentication and am only accepting requests from IPs listed in the endpoint below. This is not ideal but seems to be a workable solution.
https://developer.zendesk.com/api-reference/ticketing/account-configuration/public_ips/
0