API

Token creation requests

All requests for an API token should be done via a access request issue.

There are two exceptions to this:

• API tokens for Support Operations team members personal use
• API tokens for Support Operations scripts/automations/etc.

Once an access request is file, the requester’s manager must approve the request.

After that has been done, the provisioner for the instance (traditonally a Fullstack Engineer, Customer Support Operations) will review the request.

During this review, we are very analytical of the request due to the nature of access an API token provides.

If deemed acceptavle, the Fullstack Engineer, Customer Support Operations will then create the API token. The name of the token in Zendesk should be a link to the access request.

The API token will then be DM’d in Slack to the requester.

Integraton requests

All requests for an integraton token should be done via a access request issue.

Once an access request is file, the requester’s manager must approve the request.

After that has been done, the provisioner for the instance (traditonally a Fullstack Engineer, Customer Support Operations) will review the request.

During this review, we are very analytical of the request due to the nature of access an API token provides. These are very risky and should be avoided at all costs. An API token is easy and quick to revoke, an integration is not.

If deemed acceptavle, the Fullstack Engineer, Customer Support Operations will then create the integration. The exact means for this are going to vary from integration to integration, but the key point it is will be done by logging in as the Integration bot for the Zendesk instance.

View page source - Edit this page - please contribute.