Open in app

Sign in

Write

Sign in

Updates to the authentication flow

Rohan Khandelwal
Freshworks Developer Platform Blog
Published in
2 min readDec 27, 2018
Photo by CMDR Shane on Unsplash

We are glad to announce app authentication enhancements on the Freshworks Developer Platform. The platform initially supported account-level authentication, which takes place during app installation, using an administrator’s credentials. This level of authentication is not sufficient for apps that make API requests to third-party services, within the context of an individual agent. Therefore, we have added agent-level authentication to the platform and this update applies to Freshdesk apps that use OAuth 2.0 for authentication.

Example scenarios to choose between agent-level and account-level authentication

Account-level authentication is used when organizations need to provide equal access to information to all agents, like CRM tools.

Customers using file sharing apps, such as Box, Dropbox, and Google Drive, may want each support group to have access to different folders and files. In such cases, agent-level authentication is required.

Collaboration tools, such as Zoom and Teamviewer, have restrictions on the number of meetings scheduled/started by one user and require agent-level authentication to bypass these limitations.

Agent-level OAuth flow

When an administrator installs the app, authorization is skipped and agent-level authorization is done when each agent accesses the app for the first time.

The access tokens generated for each agent are,

  • Managed by the Developer Platform and do not require developer intervention.
  • Encrypted and stored in the browser’s local storage.
  • Accessed using <%= access_token %>, which is the format to retrieve account-level OAuth 2.0 tokens.

Configure agent-level OAuth

For agent-level OAuth, set token_type to agent as shown in the following oauth_config.json snippet:


{
    "client_id"    : "xxxxx-xxxx-xxxxx-xx",
    "client_secret": "yyyyy-yyyy-yyyyy-yy",
    "authorize_url": "https://login.acme.com/authorize",
    "token_url"    : "https://login.acme.com/token",
    "options": {
        "scope": "read"
    },
    "token_type": "agent"
}

If you have any questions about the updates, reach out to us at marketplace@freshworks.com. Follow us on @FWMarketplace.

Oauth
Platform
Authentication
Authorization
Announcements

--

--

Rohan Khandelwal
Freshworks Developer Platform Blog

Written by Rohan Khandelwal

11 Followers
Writer for

Product Manager, Freshworks Marketplace

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams