Please use proper authorization behaviour

My company migrates from Zendesk to Freshdesk. I'm working on migrating the API.

The first pain I immediately faced is that your authentification scheme is non-standard. See

Expected (standard) behaviour of most http clients is to try to authentificate as anonymous, then after getting a 401 with WWW-Authenticate the client will send auth headers.Since as you don't send WWW-Authenticate header in response, users that uses the standard way will get:



{"code":"invalid_credentials","message":"You have to be logged in to perform this action."}

depending on the api version. 

Please fix that. This is the first impresssion of using API and it's really bad. I had to spend 40 minutes digging into Apache HttpClient source code to understand what's happening

3 people have this question

Hi @Sergey, What did you do to work around the problem?

I have my API key but when i am using it it returns this

[20-05-24 15:01:55:577 IST] {"code":"invalid_credentials","message":"You have to be logged in to perform this action."}

Please help me with it. I don't understand what is issue

I have the same issue as Chandan Kumar. 

Login or Signup to post a comment