Zendesk Token

Description

General

Documentation: https://developer.zendesk.com/rest_api
Summary: Zendesk helps companies to manage customer relationships with support and sales tools. The Zendesk APIs give programmatically access to Zendesk features and enable to integrate external services with it. To authenticate a request, an application needs a user email and an API token. This detectors aims at catching this pair of credentials. With a valid API token, it is possible to access and edit customers listing, read and send messages from and to customers or access most of Zendesk features.
IPs allowlist: As of the time of writing this documentation, this feature is not available.
Scopes: As of the time of writing this documentation, this feature is not available.

Revoke the secret

To revoke a secret, go the Settings then API and revoke from here (<your_domain>.zendesk.com/agent/admin/api/settings).

Check for suspicious activity

To check for suspicious activity go to the Activity tab in the API settings page (<your_domain>.zendesk.com/agent/admin/api/activity).

Details for `Zendesk token full domain`

Family: Api
Category: CRM
Company: Zendesk
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 3
Occurrences found for one million commits: 0.18
Prefixed: False
PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - zendesk

Examples

- text: |
    uri=https://mysuperdomain.zendesk.com
    key=ubVBohcplaG55iiRCL3y91Wc1fOWUTX9n7oEjiGS
    user=someone@my-awesome-company.com

  subdomain: mysuperdomain
  client_id: someone@my-awesome-company.com
  client_secret: ubVBohcplaG55iiRCL3y91Wc1fOWUTX9n7oEjiGS
- text: uri=https://mysuperdomain.zendesk.com key=ubVBohcplaG55iiRCL3y91Wc1fOWUTX9n7oEjiGS user=someone@my-awesome-company.com

  subdomain: mysuperdomain
  client_id: someone@my-awesome-company.com
  client_secret: ubVBohcplaG55iiRCL3y91Wc1fOWUTX9n7oEjiGS

Details for `Zendesk token`

Family: Api
Category: CRM
Company: Zendesk
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: True
Minimum number of matches: 3
Occurrences found for one million commits: 0.28
Prefixed: False
PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - zendesk
- type: ContentWhitelistPreValidator
  patterns:
    - subdomain

Examples

- text: |
    const ZENDESK_USER = 'someone@mysupersubdomain.com'
    const ZENDESK_API_TOKEN = 'bvwDavE1oEhomexv8vUqGwsWxOmEedV6FlKmTZvb'
    const ZENDESK_SUBDOMAIN = 'mysupersubdomain'
  client_id: someone@mysupersubdomain.com
  client_secret: bvwDavE1oEhomexv8vUqGwsWxOmEedV6FlKmTZvb
  subdomain: mysupersubdomain
- text: |
    env('ZENDESK_USER', 'bscm@yay.awesome')
    env('ZENDESK_TOKEN','4CrWCZYrwAaS0Ie241y2ONMuQGFty9p5XUchHghv'),
    env('ZENDESK_SUBDOMAIN', 'anotherone')
  subdomain: anotherone
  client_id: bscm@yay.awesome
  client_secret: 4CrWCZYrwAaS0Ie241y2ONMuQGFty9p5XUchHghv
- text: const ZENDESK_USER = 'someone@mysupersubdomain.com' const ZENDESK_API_TOKEN = 'bvwDavE1oEhomexv8vUqGwsWxOmEedV6FlKmTZvb' const ZENDESK_SUBDOMAIN = 'mysupersubdomain'

  client_id: someone@mysupersubdomain.com
  client_secret: bvwDavE1oEhomexv8vUqGwsWxOmEedV6FlKmTZvb
  subdomain: mysupersubdomain