Zendesk JWT authentication without SDK

7 コメント

  • Eric Nelson
    Zendesk Developer Advocacy
    Hey Rory, 
     
    The JWT auth provider that the SDK uses is locked for only use by the SDK. What API endpoints are you looking to use?
    0
  • Rory Connolly

    Hi Eric,

    We are looking to use several different APIs to expose Ticketing (requests) and Help Center (articles, posts, search) functionality for our end users in our mobile app on iOS and Android.

    Our users will already be signed in to our proprietary Cloud service so we don't need them to log in again, but we'll need to issue them access tokens for Zendesk that are specific to their particular user account.  How would you recommend we go about obtaining access tokens for Zendesk?

    - Rory

    0
  • Eric Nelson
    Zendesk Developer Advocacy
    Hey Rory,

    Thanks for the context. Instead of using the SDK's jwt provider it sounds like you may be a good candidate to enable JWT SSO. It's a different service than the one the SDK uses, but the concept is pretty similar and would allow you the access that you'd need.
    0
  • Rory Connolly

    Thanks Eric, the documentation here all refers to browser based login flows.  Our goal is to obtain access tokens for users programmatically through API calls directly from our mobile app. Is this supported, and if so can you point me to documentation on the relevant APIs?

    I've set up JWT SSO as described in the docs and have called the /access/jwt endpoint with a valid jwt payload, but I'm not sure if anything in the response could be used as an authorization header when sending further API requests to Zendesk. Any suggestions?

    0
  • Rory Connolly

    Here's an example of a Zendesk API that we would like to call on behalf of the end user from our application:

    curl https://{subdomain}.zendesk.com/api/v2/requests.json \  -d '{"request": {"subject": "Help!", "comment": {"body": "My printer is on fire!", "uploads": [...] }}}' \  -v -u {email_address}:{password} -X POST -H "Content-Type: application/json"

    I would like to use a bearer token of some sort instead of username/password in the authorization header. Can we use a JWT SSO workflow for this purpose?

    0
  • Eric Nelson
    Zendesk Developer Advocacy
    Hey Rory, 

    Unfortunately for mobile specifically the only method that is supported is the usage of the JWT provider in our SDK's. I've got a question out to the team who owns this service to see if there is a way to parse the response into an access token that you'd be able to use. Once I hear back from them - I'll let you know. 
    0
  • Eric Nelson
    Zendesk Developer Advocacy
    Hey Rory,

    Sorry for the delay, I've just heard back from the team who owns the service. Unfortunately they said that utilizing the response to create an access token wouldn't be possible. 
     
    Sorry for the inconvenience!
    0

サインインしてコメントを残してください。

Powered by Zendesk