# Zendesk

Teleskope supports two Zendesk authentication modes:

1. API token
2. OAuth client credentials

## API Token

Provide the following values during enrollment:

| Field     | Value                                                                                                                                                                     |
| --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Subdomain | Your Zendesk subdomain. For `https://acme.zendesk.com`, use `acme`.                                                                                                       |
| Email     | The Zendesk user email associated with the API token.                                                                                                                     |
| API Key   | Zendesk API token created for that user. Follow Zendesk's [instructions](https://support.zendesk.com/hc/en-us/articles/4408889192858-Managing-access-to-the-Zendesk-API). |

## OAuth Client Credentials

Teleskope's Zendesk OAuth support uses the `client_credentials` grant type. It does not use an authorization-code redirect flow and does not require a refresh token.

### Create the OAuth client in Zendesk

In Zendesk Admin Center:

1. Go to `Apps and integrations` -> `APIs` -> `OAuth clients`.
2. Create or edit an OAuth client.
3. Set `Client kind` to `Confidential`.

Capture the following values from the Zendesk OAuth client:

| Zendesk UI Label | Teleskope Field | Notes                                               |
| ---------------- | --------------- | --------------------------------------------------- |
| Identifier       | Client ID       | Zendesk uses `Identifier` as the OAuth `client_id`. |
| Secret           | Client Secret   | Zendesk OAuth client secret.                        |

Also provide:

| Field     | Value                                                                |
| --------- | -------------------------------------------------------------------- |
| Subdomain | Your Zendesk subdomain. For `https://acme.zendesk.com`, use `acme`.  |
| Scope     | `read` for scan-only, or `read write` for scanning plus remediation. |

### Recommended scopes

| Teleskope Usage          | Scope        |
| ------------------------ | ------------ |
| Scanning only            | `read`       |
| Scanning and remediation | `read write` |

`impersonate` is not required.

### Enrollment values in Teleskope

When selecting `OAuth` in the Zendesk enrollment flow, enter:

| Teleskope Field | Value                             |
| --------------- | --------------------------------- |
| Client ID       | Zendesk OAuth client `Identifier` |
| Client Secret   | Zendesk OAuth client `Secret`     |
| Subdomain       | Zendesk subdomain                 |
| Scope           | `read` or `read write`            |

### Token behavior

Teleskope exchanges the client credentials for a bearer token at Zendesk's token endpoint:

`https://{subdomain}.zendesk.com/oauth/tokens`

No manual access token entry is required during enrollment.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.teleskope.ai/connectors/saas/zendesk.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.