In case you are using Zendesk software and want to authenticate any incoming processes, then you need to use application programming interface (API) tokens.

Actually, for integrations, you can use the Zendesk API token as part of two-factor authentication.

So, learn all the following details about Zendesk API from this article.

 

Benefits Of Zendesk API Tokens

1) Authentication

Usually, authentication is the process of verifying the identity of a user or a process. Here, by using Zendesk API Tokens, you can perform the authentication of API requests.

For example, you want to use Voleer templates with Zendesk. But to achieve this, the templates need to access Zendesk information and so you need to supply credentials for Voleer. 

But, if you use an API token, you do not need any additional license for Voleer access and only require Voleer credentials.

2) Unlimited API Tokens

You are allowed to create any number of API access tokens that too with an unlimited lifetime.

However, you need to make sure to keep all the tokens in a secure location as they are important to prevent unauthorized access. 

Also, read – Steps to Generate Zendesk Triggers

 

Steps To Create Zendesk API Token And Authenticating API Requests

In Zendesk, admins can add, view, delete, and manage API tokens. But first, the administrator should enable API token access as it is disabled by default.

Steps to Enable API Token Access

  1. Go to your admin center and click on Apps and integrations. It is available on the sidebar.
  2. Next, select APIs > Zendesk APIs.
  3. Now, click on the toggle beside Token Access to enable API token access.

API token access - Zendesk

Image source – support.zendesk.com

Steps to Generate an API Token

  1. Go to your admin center. Click on Apps and integrations available on the sidebar and select APIs > Zendesk APIs.
  2. Next, click on the Settings tab and ensure that Token Access is enabled.
  3. On the right side of Active API Tokens, you can see an Add API token button. Click on it so the token is created.

API token created - Zendesk

Image source – support.zendesk.com

  1. You need to enter a description in the textbox displayed in the API token description (optional).
  2. Now, click on Copy and paste it somewhere secure. Because, when you close the window, the entire token is never displayed again.
  3. Finally, click on the Save button to return to the API page.

In case you click it again to reopen, then a truncated token appears.

Truncated Token - Zendesk

Image source – support.zendesk.com

Also, read – How to Create Zendesk Out of Office Responses

Zendesk API Authentication

In Zendesk only a verified user can make API requests. You can authenticate API requests with 

  • Your email address and password, 
  • OAuth access token,
  • Your email address and API token.

Email Address and Password

This is a basic authentication where you combine your email address and password to generate an authentication header

Remember that the combination should be a Base-64 encoded string.

Format the authentication header as follows:

Authorization: Basic {base-64-encoded email_address:password}

OAuth Access Token

If you are using OAuth for authentication, then do as below.

Format the authentication header as follows:

Authorization: Bearer oauth_access_token

Also, know that the OAuth access token is equivalent to the Zendesk API key so you should keep it secure.

For more information, you can read about using OAuth authentication!

Email Address and API Token

For the generation of the authentication header, you will combine your email address and API token. Just like in the email address and password, here also the combination should be a Base-64 encoded string.

Format the authentication header as follows:

Authorization: Basic {base-64-encoded email_address/token:api_token}

Viewing Your Authorization Header

You can use third-party pages like Request Bin, to know exactly what is sent by the apps. Compare your headers and the ones generated by webhook using OAuth authentication.

To see this in action, 

  1. You should point the webhook to your requestb.in URL.
  2. In the Add webhook page, click on the Test webhook button.

Add webhook - Viewing authorization header - Zendesk

Image source – support.zendesk.com

  1. When that hits requestb.in, it appears like the below image.

Requestbin - Viewing authorization header - Zendesk

Image source – support.zendesk.com

  1. After Authorization: Bearer, you can see a string. It is the API key provided in your account settings under Programmatic Access by the Request Bin.
  2. Then, you can decode the Base 64 format online by using websites like base64decode.

Decode Base64 - Viewing authorization header - Zendesk

Image source – support.zendesk.com

In case you are making requests using Python, then set the session header as below:

session = requests.Session() 

session.headers = {‘Content-Type’: ‘application/json’, ‘Authorization’: ‘Basic Basic_64_encoded_code’}

Also, learn about Zendesk ticket API, Request API, and Zendesk support API which is also known as Ticketing API from here!

 

Why Zendesk Is Not Best For Using API Tokens

1) Never Displays the Entire Token

Once you save the token after its creation and exit the window, it never again shows the entire token even for the administrator. Whenever you reopen it to check the token, it only displays a shortened version of it.

2) Accessing Tokens

Non-admin level users are not allowed, only administrators can perform operations on API tokens of Zendesk. 

That means, as long as your role in Zendesk software is admin, you can handle tokens.

3) Token Security

Remember that Zendesk does not validate a specific user or token or what permissions a token has. That is because they are meant to provide quick admin-level authorization.

So, if a Zendesk user replaces their own email with the admin email address, then they become an administrator instead of a designated one.

Moreover, an API token provides the scope, not the user, so it does not require any specific email address to utilize it.

Also, read – How to Merge Tickets in Zendesk

 

Meet Helplama Helpdesk, The Best Zendesk Alternative! 

Overcome the limitations supplied by Zendesk and scale up your business by employing the Helplama helpdesk. It is the software that provides all the required operations and is suitable for smaller to larger organizations.

You can automate marketing, self-service, order tracking, and returns center. Also, create a knowledge base and deliver multichannel customer services through email, SMS, live chat, and phone.

Additionally, you may integrate with popular social media channels, eCommerce platforms, and even Slack.

Moreover, it not only allows you to hire and test your agents but also provides automatic agent training.

Check Pricing Start Your 15-day Trial

 

Final Words

Follow the mentioned steps to create an API token in Zendesk and make sure to store it securely.  Also, authenticate API requests through the ways provided in the Zendesk API authentication.

We hope that the benefits and disadvantages of API tokens are helpful to you. 

And, in case you want to offer better customer services including self-help to your users, and improve your business by utilizing automation, marketing, integration, and other tools then use Helplama Helpdesk.

Start your free trial here!