Overview
Zendesk is changing how applications authenticate with its APIs by deprecating API tokens for many authentication scenarios. As part of this change Zendesk will perform the following according to the below timeline:
-
July 28, 2026
- New accounts blocked: Accounts created on and after July 28, 2026, cannot create or use API tokens.
- One-time clean up: Any token unused for 30 days or more will be deactivated.
- Auto-deactivation starts: From July 28 forward, any token that goes unused for 30 days will deactivate automatically.
-
April 30, 2027
- By April 30, 2027, all API tokens will stop working
Read the full Zendesk article here
This change does not impact the SendSafely Help center upload widget or Agent sidebar app as these integrations do not use Zendesk API Keys.
To ensure continued compatibility with Zendesk, SendSafely is updating all supported versions of the SendSafely Zendesk Dropzone Connector to use OAuth authentication instead of API tokens.
Updated connectors will be available for install beginning on July 17, 2026. Contact support@sendsafely.com to receive a link to download and install the latest connector.
Who is affected?
Customers using, or wishing to use:
- SendSafely’s Dropzone Connectors for Zendesk
- Sendsafely’s Trigger Integration
- Custom scripts connecting Zendesk to SendSafely
Existing Zendesk customers
If you are already using the SendSafely Zendesk Dropzone Connector with an API token, your connector will continue to function according to Zendesk's deprecation timeline (up to April 30, 2027), as long as your Dropzone receives at least one Dropzone upload every 30 days.
However, we strongly recommend migrating to OAuth authentication as soon as practical to ensure long-term compatibility and avoid the potential of Zendesk's 30 day auto-deactivation.
Migration instructions for updating your existing connector will be available on July 17, 2026.
New Zendesk customers
Zendesk accounts created after July 28, 2026 will no longer have the ability to generate API tokens.
To deploy the SendSafely Zendesk Dropzone Connector or other integration, simply use the latest version of the connector for your cloud platform. All newly released versions authenticate using OAuth and require no API token configuration.
- AWS Lambda
- Google Cloud Platform (GCP)
- Microsoft Azure
OAuth compatible connectors will be available on July 17, 2026.
Customers with customized connectors
If you have modified the SendSafely Zendesk Dropzone Connector source code, the standard migration process may not apply directly.
Instead, update the authentication portion of your customized connector to use OAuth in place of API token authentication while preserving your custom functionality.
SendSafely will provide documentation describing the code changes required. Because every customized deployment is different, you should review these changes before upgrading.
What SendSafely is doing
To help customers transition smoothly, SendSafely will:
- Release updated AWS Lambda, Google Cloud Platform, and Microsoft Azure connector packages that authenticate using OAuth on July 17, 2026
- Publish migration documentation for existing deployments on July 17, 2026
- Prioritize proactive outreach to customers whose connectors have seen little or no recent activity and may be at greater risk of disruption due to inactive API credentials.
- Prepare migration guidance for customers who have customized or modified the connector source code.
Need assistance?
If you have questions about your deployment or need assistance migrating your connector to OAuth authentication, please contact SendSafely Support. Our team can help determine the appropriate migration path for your environment.
Comments
0 comments
Article is closed for comments.