API

Operations workflow page for Zendesk API

Token creation requests

All requests for an API token should be done via a access request issue.

There are two exceptions to this:

  • API tokens for Support Operations team members’ personal use
  • API tokens for Support Operations scripts/automations/etc.

Once an access request is filed, the requester’s manager must approve the request.

After that has been done, the provisioner for the instance (traditionally a Fullstack Engineer, Customer Support Operations) will review the request.

During this review, we carefully review the business reasons and use-case of each request due to the significant access level that an API token provides.

If deemed acceptable, the Fullstack Engineer, Customer Support Operations will then create the API token. The name of the token in Zendesk should be a link to the access request.

The API token will then be DM’d in Slack to the requester.

See: Zendesk API Tokens

Integration requests

All requests for an integration token should be done via a access request issue.

Once an access request is filed, the requester’s manager must approve the request.

After that has been done, the provisioner for the instance (traditionally a Fullstack Engineer, Customer Support Operations) will review the request.

During this review, we carefully analyze the business reasons and use-case due to the significant access level that an API token provides. Integrations pose even higher risks and should be avoided whenever possible. While API tokens can be quickly and easily revoked, integrations cannot.

If deemed acceptable, the Fullstack Engineer, Customer Support Operations will then create the integration. The exact means for this are going to vary from integration to integration, but the key point is it will be done by logging in as the Integration bot for the Zendesk instance.

See: Zendesk OAuth Applications