Using the API with 2-factor authentication enabled

If an agent or admin enables 2-factor authentication in their user profile, they'll no longer be able to use just their username and password to authenticate API requests . Alternatives include using an API token or implementing an OAuth authorization flow.

Using an API token

If an agent or admin has enabled 2-factor authentication, they can use an API token with their username, instead of a password, formatted as follows:

{email_address}/token:{api_token}

Example:

curl https://example.zendesk.com/api/v2/users.json  -u [email protected].com/token:6wiIBWbGkBMo1mRDMuVwsNkeUj95PIz2akv

You can obtain API tokens from the Admin Center interface at Apps and integrations > APIs > Zendesk API.

Use API tokens in the following cases:

  • All curl examples in the API docs . See the example above
  • Any internal scripts that rely on a username and password to make API requests

Implementing an OAuth authorization flow

Another option is to implement an OAuth authorization flow. Use OAuth in the following cases:

  • Apps developed in-house that require per-user authentication
  • Apps developed by any third-party app developers

See the following OAuth resources: