Teleskope supports two Zendesk authentication modes:
API token
OAuth client credentials
API Token
Provide the following values during enrollment:
Field
Value
Subdomain
Your Zendesk subdomain. For https://acme.zendesk.com, use acme.
Email
The Zendesk user email associated with the API token.
API Key
Zendesk API token created for that user. Follow Zendesk's instructions.
OAuth Client Credentials
Teleskope's Zendesk OAuth support uses the client_credentials grant type. It does not use an authorization-code redirect flow and does not require a refresh token.
Create the OAuth client in Zendesk
In Zendesk Admin Center:
Go to Apps and integrations -> APIs -> OAuth clients.
Create or edit an OAuth client.
Set Client kind to Confidential.
Capture the following values from the Zendesk OAuth client:
Zendesk UI Label
Teleskope Field
Notes
Identifier
Client ID
Zendesk uses Identifier as the OAuth client_id.
Secret
Client Secret
Zendesk OAuth client secret.
Also provide:
Field
Value
Subdomain
Your Zendesk subdomain. For https://acme.zendesk.com, use acme.
Scope
read for scan-only, or read write for scanning plus remediation.
Recommended scopes
Teleskope Usage
Scope
Scanning only
read
Scanning and remediation
read write
impersonate is not required.
Enrollment values in Teleskope
When selecting OAuth in the Zendesk enrollment flow, enter:
Teleskope Field
Value
Client ID
Zendesk OAuth client Identifier
Client Secret
Zendesk OAuth client Secret
Subdomain
Zendesk subdomain
Scope
read or read write
Token behavior
Teleskope exchanges the client credentials for a bearer token at Zendesk's token endpoint:
https://{subdomain}.zendesk.com/oauth/tokens
No manual access token entry is required during enrollment.
