Important Update: Migrating from Token Access to OAuth authorization method

Avatar
Mike
Follow

The Round Robin app uses the Zendesk API to automatically assign tickets.

Zendesk has recently updated the policies that guide the development of public applications and integrations using their APIs, leveraging modern security technologies. These policies require public apps to use the OAuth authorization method when accessing the Zendesk API.

OAuth provides enhanced data security by granting limited access rather than sharing credentials. Unlike logging in with a username and password, OAuth tokens:

  • Only grant access to the specific data and actions you have explicitly allowed the app to perform.
  • Do not expose your master Zendesk password to any third party.
  • Can be issued for a limited time and require renewal, which reduces risks if a token is accidentally compromised.

With the switch to OAuth, you will gain a new capability in the Zendesk Admin Center. There, they will be able to see a unified list of all apps and integrations using OAuth to access your data. This gives administrators a complete view of who has access to your Zendesk instance and the ability to easily revoke access for a specific app at any time, without needing to change a password.

How to migrate to OAuth

We have already implemented the automated migration process to OAuth. To complete the transition, please follow the steps below:

  1. Go to the Round Robin Settings page.
  2. Click the "Migrate to OAuth authentication method" link to be redirected to the Zendesk login page.
  3. Enter the required credentials (it should be user with staff or admin role) to create a new external OAuth client on Zendesk’s side. Then click "Allow" and wait a moment for the process to complete.
  4. Verify that the new Zendesk connection is working properly by importing agents on the Agents page in RR app.

Once completed, a new external OAuth client should be discovered within Zendesk. You can view or revoke it at: https://yourzendeskname.zendesk.com/admin/apps-integrations/apis/external-oauth-clients

Important: Once the connection is created, do not change the role of the specified agent on whose behalf the application created the connection. Doing so will immediately break ticket distribution.

Please complete the migration at your earliest convenience, in the nearest future Token Access authorization method will be deprecated.

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk