API Authentication

Hi all,

Freshdesk uses basic authentication in the API calls, which requires username &password or the API key in the requests.

this is what I am trying to build for our client:

We built a single sign on portal that allows the user to login to freshdesk from our web portal. we used ADFS federation to achieve that. Now, when the user logs into our portal, we would like to make an API call to retrieve the logged in user's tickets. 

now, without asking the user to login to freshdesk again (because of the single sign on), how can the web portal get the API key of the user so that it can make API calls for the user?

3 people have this question


Would help us understand better if you could elaborate what you mean when you say:

> API call to retrieve the logged in user's tickets.

Who is the logged in user? Requester or assigned agent?

And the general design guideline we give for users is to use one administrator-agent's API key for making all API request. So in your case, if you may want to look at our API to filter by requester email.

Let me know if this helps.

Sure, please refer to the following diagram: we wish to build a web site for users in OUR AD, which gets their tickets from freshdesk and display them.

the user is not a user that register with Freshdesk via the normal registration process. as we built SSO for them so that they can log onto freshdesk without having to register. 

Is this possible to achieve? if so, what will be the best practice you recommend? Note: we prefer not having to ask the user to login before they can see the tickets, because that defeats the purpose of SSO and they certainly dont have any credential to login anyway.

Assuming you are developing a Portal with backend code (like Sharepoint / Liferay):

Link to our documentation that explains how to get tickets by requester email id.

Thanks Subhash,

in Step 1, how would i get the security token for the part: user@yourcompany.com:test?

because this user is not going to be normal user that comes from the registration process, it is created when the user logs in via ADFS.


You don't have to. At least one user in Freshdesk will be configured as an admin. Have this user's API token configured at the backend, and make all API calls using this one token.


cool, thanks a lot

Im using chrome's advanced rest client.

How can i authenticate my api?

any query parameters or payload available to authenticate?

my client can pass only username and password and i uesd my api key for authenticate the user and login to user.

any demo code available in github or any other websites? 

Hello, I hope you are well


This is possible but with a Mobile APP?


I would like my clients to log in to the app and they can also log in to their freshdesk account and thus bring the tickets that already exist or they can create one

Login or Signup to post a comment