The Zendesk Sunshine platform lets you connect and understand all your customer data wherever it lives. The Sunshine platform currently consists of the following APIs:

The Profiles API and the Events API are in early access. The APIs can be enabled by an admin in your account. In Admin Center, go to Sunshine > Settings (, select the Events and Profiles API, and click Save.

Plan availability

The Sunshine API is available on the Sunshine Enterprise and Sunshine Select plans.

The Sunshine Enterprise plan is included with the Support Enterprise and Suite Enterprise plans.

The Sunshine Select plan is included with the Support Elite plan. Support Enterprise and Suite Enterprise customers can upgrade to the Sunshine Select plan.

Sunshine Select provides increased data storage. See Storage limits.


This is the API reference documentation for Sunshine.

In addition to this API reference, the following resources are available in the Develop Help Center:


Authentication works as described in the Security and Authentication in the Zendesk v2 API documentation.


Custom Objects API

Pagination works as described in Pagination in the Zendesk v2 API documentation, except for the following differences:

  • the sort_order parameter is called order= in the Custom Objects API
  • the per_page parameter in the Custom Objects API can take up to 1,000 records rather than 100 records per page on most endpoints in the Zendesk v2 API

The response body is also different. The response object doesn't have "next_page" and "previous_page" properties. Instead, it has a "link" property at the top level with "next" and "previous" child properties.

Events and Profiles APIs

The Events and Profiles APIs use cursor-based pagination. You receive a pagination token for the next page. You can specify things such as ?items to specify the window size.

Content type

  • All POST requests require a "Content-Type: application/json" header

  • All PATCH requests require a "Content-Type: application/merge-patch+json" header

  • All GET requests should return "Content-Type: application/json"

Response codes

The API uses the following standard response codes.

GET requests

  • "200 - Ok"

POST requests

  • "201 - Created"
  • "400 - Bad Request" (the request could not be understood)
  • "413 - Request Entity Too Large" (for jobs endpoints, the JSON array of data to process had too many elements)
  • "422 - Unprocessable Entity" (the request could be understood, but was invalid for some reason)

DELETE requests

  • "204 - No Content"

PATCH requests

  • "200 - Ok"

In addition, a "404 - Not Found" can be returned from any endpoint that takes a URL parameter that does not exist, or any incorrect URL. A "500 - Internal Server Error" can be returned at any time from any endpoint in case of failures in the service. Any endpoint can also return "429 - Too Many Requests" as documented in the Rate Limits section.


The Events API lets you specify an idempotency key that allows the user to retry an API request without the risk of creating duplicate records. For example, if a button click in your app triggers a request to the POST /api/v2/user_profiles/events endpoint, you can use the idempotency key to prevent subsequent clicks from creating duplicate event records.

To specify an idempotency key with a request, provide the header "X-Idempotency-Key: key_value" with your request. The key can be any string with a length less than or equal to 48.

The following Events API path accepts idempotency keys:

  • POST /api/v2/user_profiles/events

When a request is received with an idempotency key, the request proceeds normally if the key has not been seen before. If the key has been used before, the server responds with a "409" status code.

Keys expire after 4 hours, so if a request with a duplicate key is sent after 4 hours from the original request, the request will be allowed to proceed.

The Custom Objects API and the Profiles API don't support idempotency keys.

Rate limits

The rate limits outlined in this section apply to custom objects. The limits for events and profiles, which are in early access, have not been determined yet.

Custom objects

The rate limit for custom objects is 1,000 requests per minute. This includes requests made from the Zendesk Apps framework.

If you exceed the rate limit, the API responds with a HTTP 429 Too Many Requests response code and a body that details the reason for the rate limiter kicking in. The response has a "Retry-After" header that tells you for how many seconds to wait before retrying.

To list the limits for your account, see Custom Objects Limits.

Events (early access)

The rate limit is not finalized. We're looking at feedback and sample volumes during the early access program to help set the final rate limit.

Profiles (early access)

The rate limit is not finalized.

Storage limits

The maximum number of records you can store depends on your Sunshine plan:

Sunshine Enterprise Sunshine Select
Object types 50 50
Object records 1,000,000 100,000,000
Relationship types 50 50
Relationship records 1,000,000 100,000,000

See Plan availability.

The storage limits for the Events and Profiles APIs, which are in early access, are not finalized.

Legal notices

Your use and access to the API is expressly conditioned on your compliance with the policies, restrictions, and other provisions related to the API set forth in our API Restrictions and Responsibilities, in our Change Policy, and in the other documentation we provide you. You must also comply with the restrictions set forth in the Zendesk Master Subscription Agreement and the Zendesk Privacy Policy, in all uses of the API. If Zendesk believes that you have or attempted to violate any term, condition, or the spirit of these policies or agreements, your right to access and use the API may be temporarily or permanently revoked.

This product includes GeoLite2 data created by MaxMind, available from