API key permission changes suddenly

xelda · February 2, 2022, 1:00pm

Hi

We build an application where we access the freshdesk API
in order to update tickets of a client.

What we get from the client is an API key that has update permissions on tickets.

Everything works fine until suddenly (last time over the change of midnight) the API key suddenly has no permissions anymore - not even reading permission.

For example when requesting the endpoint https://.freshdesk.com/api/v2/tickets
I get the following message.

{
"code": "access_denied",
"message": "You are not authorized to perform this action."
}

The customer did to our knowledge not change any permission of this agent the API key we have from.
It happend over midnight nobody is working then.

Also if our customer resets the api key and gives us the new one its fine for one day until suddendly permissions are gone.

Please help!

Best regards,
Alexander

tejakummarikuntla · February 2, 2022, 7:52pm

Hey Alexander,

If that was an unexpected API key reset, using old API key you should hear back 401 Unauthorised with response body:

{
  "code": "invalid_credentials",
  "message": "You have to be logged in to perform this action."
}

I suspect there’s something to deal with the status of the agent, permissions of the agent’s API key.

xelda · February 3, 2022, 1:10pm

Hi Teja

Yes I agree that the problem is not the reset of the key

but instead the problem is that what I suspect is that key permission changes due to
some bug of the freshdesk API itself.

Again this customer did not change the permissions.

So how can I talk directly with a developer that can help me debug this problem directly?
I think it is of interest to the developers to find this what I suspect is a bug.

Best regards,
Alexander

tejakummarikuntla · February 3, 2022, 1:58pm

Sure Alexander,
Help me understand this a bit more.

Did you get a new/other API key with permissions and face this issue again? Or, Is this the first time you had this issue of Key permission change? If not, please let us know how often you find this behavior?

xelda · February 3, 2022, 2:16pm

Hi again
Thanks for the fast reply.

I think it is the 3rd time this happened.

We got a key. It worked for some time (last time only one day until midnight) and then suddenly no permissions anymore.

Once our customer resets the API key permissions are OK again until suddenly they are gone at a certain point in time. (I only know for sure that last time permission was gone after Jan. 31, 2022, 11p.m. UTC time. The key was reset on the same day = Jan. 31, 2022, 2:44 p.m. UTC time)

Saif · February 4, 2022, 3:02am

@xelda So it’s an agent-level API key? or an Admin one?

Jonathan_Rivera · April 5, 2024, 7:49pm

I have the same issue, but I realized that the token works again if I logged in to my freshdesk site.

Akshat_Uppal · June 10, 2024, 5:16am

The agent for which you are using the credentials should be changed to Full time from Occasional.
Reason : Occasional agent consumes a day pass and to prove that the agent has day pass they require them to login while hitting the API call.