Eike Thienemann-Dehde

I wish Zendesk would finally replace the classic API tokens approach with a modern one!

Provide the existing https://developer.zendesk.com/documentation/ticketing/working-with-oauth/creating-and-using-oauth-tokens-with-the-api/ oauth functionality in an UI for admins to be able to generate personal access tokens which are limited to a dedicated user and desired scope (e.g. read and/or write and additionally limited by resource as in https://support.zendesk.com/hc/en-us/articles/4408845965210#topic_gql_kbd_gt).

 

This reminds me of the approach taken by GitHub which is IMHO still the most convenient and secure one out there and should be evaluated by Zendesk API experts. Please refer to https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token.