Get API token from app

I am building an app, which will get security token from customer (user on freshdesk) and our backend services will be using the token for accessing data.

Now, does freshdesk provide some kind of oAuth mechanism by which customer doesnt need to manually provide my API key, but will be provided my by app flow. 


2 people have this question

Hi Animesh,


Did you get a chance to look into our developer documentation ? We've listed multiple authentication mechanisms that you could use in an app.


Cheers!

Hi Aravind,

"This is done by using the access token which is obtained from the third-party when the app is installed."  --> Doc says getting token from 3rd party so that freshdesk app could access their resources.

What i am trying to do is exactly opposite, I want to get access token for freshdesk account, so that I can access freshdesk account's data in future.

Thanks

Hi Animesh,


The only possible method to gain authentication to Freshdesk resources is by making use of the admin/agent's api key. We're exploring other methods to provide auth to the users but that's a big development project spanning across quarters.


Cheers!

Hi  Aravind,

Can you tell how to get freshdesk api key dynamically in the program for particular user like getting domain-name through the API use.

I t requires in our project.

Thank you.

I have exactly the same issue.  I have an app which wants to make calls using the published Freshdesk API using the current user's APIkey.  For example, for an Admin user, I want to be able to get the list of agents and groups.  


For a normal Agent, I want to find the id of the previous ticket associated with a customer so that the central team can maintain continuity in allocating Agents to tickets where practical.  The other element, other element in allocation is to provide a summary of the number of unresolved tickets allocated to an Agent.  Looking at the Ticket API (https://developer.freshdesk.com/v2/docs/data-api/#contactAPI), I cannot get the list of Tickets previously raised by the Agent.


All this information is available via the main Freshdesk API, but to use this I need the APIkey for the user.


Trust this provides some example user cases.  The logical place to return the key is via the call to loggedInUser global API.  Clearly if the Admin APIkey is used, this could compromise access security controls.

I have the same issue in respect to developing a Freskdesh app.  The issue is the Data API does not provide the functionality I require, and I need to use the main Freshdesk API which requires use of the user's APIkey.  Looking at the Developer documentation, the natural place to get the key would be via the loggedInUser call.


Here are two use cases in respect to a geographic-based agent allocation app

1.  As an Admin use, I need to get the list of agents, the list of groups and the association between groups and agents so that I can store each agent's location and associated coordinator (based on groups) in the iparams area as it is not possible to add custom fields to the agent and group objects.  The app will upload an offline json file holding this information.

2.  As an agent responsible for allocating client requests, I need to know the agent who last handled the request from the client (i.e. view the tickets associated with a client), and the number of unresolved tickets being handled by potential agents.  Both of figures are available using the Freshdesk API, but is not available using the DataAPI.


Whilst I could use cookies to store this information, I am concerned this is not very secure.



Login or Signup to post a comment