Using API with existing username/password

  • 29 March 2012
  • 8 replies

As I understand it, I would need to imbed a valid agent's username and password in any API request. This is somewhat impractical - I am the owner and don't want my username and password made available to my programming staff; they don't want their passwords available to each other or to me, for that matter. As a small company, I will have only 3 agents altogether, so adding a non-functional API agent would be relatively expensive.

Suggestion (if you agree that this type of agent could/should be free) - create an Agent restriction called "API agent" that doesn't have any authority other than to use the API -- one that doesn't chalk up a fee as a regular agent.

This topic has been closed for comments

8 replies

This is exactly what I'm looking for. We're wanting to use the API to control some of our testing process, and it isn't logical to have one of our developer's password in the connection file.
Hi David/Cody

You can create an Occasional Agent and use his API key in such cases.Day Pass for this Occasional Agent will be used only when this agent logs in to the system, so unless this Agent is going to be logging in and replying to tickets, you can use this agent for API purpose alone

That's great. When you say using his Key, do you mean the actual key that appears on the profile page (if so is there any documentation / instructions on this method)  or do you mean using the username/password of the API user?

EDIT: For anyone interested, you can use the API key as the username to make calls.
Eg: curl -u APIKEY: http://{YourHelpDesk}

(Username = key, password = blank). The colon on the end means CURL doesn't prompt for a password.
Userlevel 4
Badge +12


We have made some changes in our API module so that the occasional agent needs daypasses to access the helpdesk information via API. This has been added to enhance the security and to restrict anonymous access to the account data.



How does requiring payment enhance security or restrict anonymous access? This claim makes no sense.

Hi, I am trying to follow the instructions from the url:

When trying to authenticate to Freshdesk - finding that the the authentication test is not working.

Using the example from the url:

I am not sure which authentication details are required.

string authInfo = apiKey + ":X";

What is required to be inserted in X

I think it's literally an X, it's not something you replace. It's ignored by the API since your key is all that's needed.

I am trying to connect to freshdesk account with freskdesk api using 
It always shows 404 Error, Please check the end point .
I dont get why it is happening