Zendesk Advanced Settings

To authenticate to Zendesk, you can use either Basic authentication or the OAuth standard. Use Basic to connect to your own data. Use OAuth to allow other users to connect to their data.

Using Basic Authentication

To use Basic authentication, specify your email address and password or your email address and an API token. Set User to your email address and follow the steps below to provide the Password or ApiToken.

1. Enable password access in the Zendesk Support admin interface at Admin > Channels > API.
2. Manage API tokens in the Zendesk Support Admin interface at Admin > Channels > API. More than one token can be active at the same time. Deleting a token deactivates it permanently.

Using OAuth Authentication

OAuth requires the authenticating user to interact with Zendesk using the browser. The provider facilitates this in various ways as described below.

Register an OAuth Application

Follow the procedure below to register a third-party application and obtain the OAuth client credentials, the OAuthClientId and OAuthClientSecret. Note that this procedure requires admin access to your Zendesk account.

1. In the Zendesk Support Admin interface, go to Admin > Channels > API.
2. Click the OAuth Clients tab on the Channels/API page and then click the plus icon (+) on the right side of the client list.

3. Complete the required fields to create a client.

   If you are making a desktop application, set the Redirect URI to http://localhost:33333 or a different port number of your choice.

   If you are making a Web application, set the Redirect URI to a page on your Web app you would like the user to be returned to after they have authorized your application.

4. Click Save. After the page refreshes, a new prepopulated Secret field appears on the lower side.
5. Use the unique identifier as the OAuthClientId and the secret value as the OAuthClientSecret.

Authenticate to Zendesk from a Desktop Application

After setting the following connection properties, you are ready to connect:

• OAuthClientId: Set this to the client Id that you specified in your app settings.
• OAuthClientSecret: Set this to the client secret that you specified in your app settings.
• CallbackURL: Set this to the Redirect URI you specified in your app settings.
• InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to manage the process to obtain the OAuthAccessToken.

When you connect, the provider opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The provider then completes the OAuth process.

1. Extracts the access token from the callback URL and authenticates requests.
2. Obtains a new access token when the old one expires.
3. Saves OAuth values in OAuthSettingsLocation to be persisted across connections.

Authenticate to Zendesk from a Web Application

When connecting via a Web application, follow the steps below to get and manage the OAuth token values using the provider.

Get an Access Token

Set the following connection properties to obtain the OAuthAccessToken:

• OAuthClientId: Set this to the Client Id in your app settings.
• OAuthClientSecret: Set this to the Client Secret in your app settings.

You can then call stored procedures to complete the OAuth exchange:

1. Call the GetOAuthAuthorizationURL stored procedure. Set the AuthMode input to WEB and set the CallbackURL input to the Redirect URI you specified in your app settings. The stored procedure returns the URL to the OAuth endpoint.
2. Log in and authorize the application. You are redirected back to the callback URL.
3. Call the GetOAuthAccessToken stored procedure. Set the AuthMode input to WEB. Set the Verifier input to the "code" parameter in the query string of the callback URL.

Connect to Data

To authenticate your requests for data, set the following:

• OAuthAccessToken

Reauthenticate

The OAuthAccessToken returned by GetOAuthAccessToken has a limited lifetime. When the access token expires, you need to follow the process above to reauthenticate in the browser and obtain a new token.

Customizing the SSL Configuration

 By default, the provider attempts to negotiate SSL/TLS by checking the server's certificate against the system's trusted certificate store. To specify another certificate, see the SSLServerCert property for the available formats to do so.

Connecting Through a Firewall or Proxy

HTTP Proxies

To connect through the Windows system proxy, you do not need to set any additional connection properties. To connect to other proxies, set ProxyAutoDetect to false.

In addition, to authenticate to an HTTP proxy, set ProxyAuthScheme, ProxyUser, and ProxyPassword, in addition to ProxyServer and ProxyPort.

Other Proxies

Set the following properties:

• To use a proxy-based firewall, set FirewallType, FirewallServer, and FirewallPort.
• To tunnel the connection, set FirewallType to TUNNEL.
• To authenticate, specify FirewallUser and FirewallPassword.
• To authenticate to a SOCKS proxy, additionally set FirewallType to SOCKS5.

Troubleshooting the Connection

To show provider activity from query execution to network traffic, use Logfile and Verbosity. The examples of common connection errors below show how to use these properties to get more context. Contact the support team for help tracing the source of an error or circumventing a performance issue.

• Authentication errors: Typically, recording a Logfile at Verbosity 4 is necessary to get full details on an authentication error.
• Queries time out: A server that takes too long to respond will exceed the provider's client-side timeout. Often, setting the Timeout property to a higher value will avoid a connection error. Another option is to disable the timeout by setting the property to 0. Setting Verbosity to 2 will show where the time is being spent.
• The certificate presented by the server cannot be validated: This error indicates that the provider cannot validate the server's certificate through the chain of trust. If you are using a self-signed certificate, there is only one certificate in the chain.

  To resolve this error, you must verify yourself that the certificate can be trusted and specify to the provider that you trust the certificate. One way you can specify that you trust a certificate is to add the certificate to the trusted system store; another is to set SSLServerCert.