Creating Token For Specific API-Chat API-Conversation API | The place for Zendesk users to come together and share
Skip to main content
Feedback submitted

Creating Token For Specific API-Chat API-Conversation API

Related products:Chat/Messaging
  • June 17, 2021
  • 1 reply
  • 4 views
E

Hello,

Tokens are created on Zendesk accountwide which creates Cyber security issues whenever we want to integrate any application or any other institution. This situation abondon us to make new projects.

Our demand is, every API should have its own token especially for Cyber Security issues. A token shouldn't give authorization to open all the gates for all API's in Zendesk. Prioritized Tokens for specific API is a must in today's world. Zendesk must find a way for this problem.

Have a nice day.

    1 reply

    R
    • Ramin12Employee
    • Employee
    • September 6, 2021

    Thanks for the feedback Erkin. Agree that having the option to have scoped or restricted clients is something that could be added to improve security best practices. 

    Today, you can restrict the scope to read/write in Chat: https://developer.zendesk.com/api-reference/live-chat/chat-api/oauth_clients/ 

    For Support, you have more granular read/write settings per data type: https://developer.zendesk.com/api-reference/ticketing/oauth/grant_type_tokens/#scope

    As we work to consolidate and align the API offerings we have, we can consider making scope also include platform components like the conversations APIs. This is currently not on the roadmap for the next nine months but if that changes we will let you know here. 

    Terms & ConditionsAccessibility statement