With Zendesk phasing out API tokens, SendSafely has updated our Zendesk Dropzone Connector for AWS Lambda to use OAuth 2.0 instead. Zendesk's deadlines for this cutover are detailed here. To keep your connector functional, please follow these steps to update it before your deadline passes.
Prerequisites
- An admin of your AWS instance who can update a Lambda function and edit entries in Secrets Manager.
- An admin of your Zendesk instance who can access the Admin Center.
- A zip file containing updated Lambda code, provided by your SendSafely account rep.
Step 1: Update your Lambda code
- Navigate to your connector in AWS Lambda.
- On the Code tab, click Upload from, and select the zip file provided by your SendSafely account rep.
- Choose the file and click Save.
Step 2: Create an OAuth client in Zendesk
Note. You may wish to perform this step with a shared/admin service account rather than one tied to a specific employee, as Zendesk attributes API activity from this client to whoever created it.
- In the Zendesk Admin Center, navigate to Apps and integrations > APIs > OAuth clients.
- Click Add OAuth client.
- Enter the following:
-
Name.
SendSafely Dropzone Connector(or similar) - Client Kind: Confidential. Required for the connector's server-to-server authentication to work.
-
Redirect URLs. This field isn't used by the connector. If Zendesk requires it to proceed, enter your Zendesk portal URL (e.g.,
https://yourcompany.zendesk.com) as a placeholder, otherwise leave it blank.
-
Name.
- Click Save.
- Copy the Secret immediately, as Zendesk only displays it once. If you navigate away before copying it, you'll need to generate a new one.
Step 3: Update AWS Secrets Manager
- Navigate to your connector's secret (e.g.,
{your-prefix}-SendSafely-Zendesk-Secrets) in AWS Secrets Manager. - Click Retrieve secret value > Edit.
-
Add or update the following key/value pairs:
{ "zendesk_oauth_client_id": "YOUR_ZENDESK_IDENTIFIER", "zendesk_oauth_client_secret": "YOUR_ZENDESK_SECRET", "zendesk_oauth_scope": "read write" } - Save
Step 4: Test the connector
Test the connector by making a Dropzone submission to a test ticket. If the upgraded connector successfully updates the ticket, proceed to Step 5. If not, reach out to your SendSafely account rep for assistance.
Step 5: Retire your old API token
Once you've confirmed OAuth is working:
- Remove the old
zendesk_user_api_tokenkey/value pair from the connector's secret in AWS Secrets Manager. - In Zendesk Admin Center, go to Apps and integrations > APIs > Zendesk API, and deactivate the API token.
Comments
0 comments
Please sign in to leave a comment.