Maybe I am doing this wrong, but a lot of the integrations from the marketplace (and webhooks initiated in the automations) require a users api key. I think this is really poor practice, as a lot of the integrations are using my API key. So if I leave, that API key will no longer be available and all the automations and webhooks will break. Unfortunately there’s no static API key outside of a user granted in the freshdesk system, and I feel like it’s kind of insane to have to pay extra money for an additional user license to have this all not be a SPOF.
Open : Open for Consideration
Grant Extra License for Integrations Requiring API Key
+1Thanks for putting up that idea here! We completely understand the issues that can occur when API updates are made under the name of the API key holder instead of system. While we don't have it in our immediate roadmap, but we can surely plan to build a system API key feature in the future. We will get back to you once we have an update.
+1oh also, it looks kind of weird when system automations and updates all come from an actual user. there are some instances where it looks better to have the update come from a more systematic update.
+11- Top Contributor ⭐
This is a great Idea!!
We currently have an extra user license doing this and it is costing us money! If you had a section to link your service account to an Automation user… then when doing your web requests you can then select the automation user, (or another user if you so wish). Everyone gets one and if you want you could say you only get it in the top two tiers of you licenses scheme..
+11- Top Contributor ⭐
Just had a look and they have a section for Credentials. this would be a great place to have your automation account, annoying thing is that i’ve never got this working. i will raise this with my SM and see if there is anything they can do for this.
+11- Top Contributor ⭐
I had a response from my CSM….
I understand that you are looking to make use of a generic API Key rather than creating a dependency. While we currently don’t offer this feature, we are planning on offering something similar to it in the near future. We have had other customers asking about this feature as well. I can’t give you the exact timeline of when it will be ready, but I can tell you that it’s already in the works and we’ll have it released within the next few months.
+1 - This is 100% needed and is a security and keyman risk. If the person needs to leave and have their account deactivated, all automations will break!
+4Great idea!
I constantly get contacted by colleagues as they believe I have done something as the API key uses my user account. They don’t know that it was an integration between Freshdesk and system X and therefore rightfully assume I have done those changes personally.
+14- Top Contributor ⭐
Great idea!
I constantly get contacted by colleagues as they believe I have done something as the API key uses my user account. They don’t know that it was an integration between Freshdesk and system X and therefore rightfully assume I have done those changes personally.
Ya we recommend our customers to have agent that only for API/app related functions.
+4Great idea!
I constantly get contacted by colleagues as they believe I have done something as the API key uses my user account. They don’t know that it was an integration between Freshdesk and system X and therefore rightfully assume I have done those changes personally.
Ya we recommend our customers to have agent that only for API/app related functions.
But this would cost another license ;-).
+14- Top Contributor ⭐
Great idea!
I constantly get contacted by colleagues as they believe I have done something as the API key uses my user account. They don’t know that it was an integration between Freshdesk and system X and therefore rightfully assume I have done those changes personally.
Ya we recommend our customers to have agent that only for API/app related functions.
But this would cost another license ;-).
True that
+1Thanks for putting up that idea here! We completely understand the issues that can occur when API updates are made under the name of the API key holder instead of system. While we don't have it in our immediate roadmap, but we can surely plan to build a system API key feature in the future. We will get back to you once we have an update.
+10- Top Contributor ⭐
Other companies have solved this with
- creating an own API key area (not bound to users, therefore not consuming licenses)
- make API keys expiring once a year (or custom time)
- have OAuth 2.0 implemented as API key technology
- let us have unlimited API keys per usage type/function/application
- implement an API key usage audit log
+8New Idea→Open : Open for Consideration
+9- Top Contributor ⭐
Highly needed. ~5-10 fulltime agents for our integration with different privileges.
+2Yes, this would be very useful. I too get calls from other users asking about a ticket because the API shows my name on the ticket. Also does not seem fair to have to pay for an additional agent license just to use the API with a generic name.
Yes, this would be very useful. I too get calls from other users asking about a ticket because the API shows my name on the ticket. Also does not seem fair to have to pay for an additional agent license just to use the API with a generic name.
I would reach out to your CSM and push for a free license that will solely be used for API
- Use OAuth 2.0: Implement OAuth 2.0 or other secure authentication methods to handle API access securely.
- Set Expiry and Rotation Policies: Configure service accounts with regular credential expiry and rotation policies to enhance security.
- Monitor and Audit: Implement monitoring and auditing of service account usage to detect anomalies and ensure compliance with security policies.
- Apply Least Privilege: Grant only the minimum permissions necessary for the service account to perform its required functions.
In summary, using service accounts for API access aligns with best practices for security, manageability, and compliance, providing a more secure and efficient way to manage API interactions compared to using individual user credentials.
+2Yes, this would be very useful. I too get calls from other users asking about a ticket because the API shows my name on the ticket. Also does not seem fair to have to pay for an additional agent license just to use the API with a generic name.
I would reach out to your CSM and push for a free license that will solely be used for API
I’ve voiced my concern about this several times, no luck yet on a “free license.”
+4- Top Contributor ⭐
New Idea→Open : Open for Consideration
+3This is exactly what my team is dealing with now! We need a dedicated API to use in our integration with our website and Freshdesk and was told we need to purchase a separate license. It looks like this has been an ask for over a year, any updates on getting this feature rolled out?
+4- Top Contributor ⭐
+14- Top Contributor ⭐
Alyssia isn’t working with Freshworks.
Alyssia isn’t working with Freshworks.
Bringing attention of this to
+8- Top Contributor ⭐
Alyssia isn’t working with Freshworks.
What? It says so in her profile on here though and she’s changing the status of ideas.
+11- Community Manager
Hello everyone,
I'll reach out to the relevant Product Manager and share an update with you all soon! Some of them are currently off on their holidays. Please bear with me until they’re back, and I’ll share an update with you all as soon as possible.
Join the Community
Already have an account? Login
Welcome back to Freshworks Community
No account yet? Create an account
Social Login
Login for Freshworks Employees Login with LinkedInor sign up below
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.