Does Freshworks support OAuth authorization across different organizations?

Hi Freshworks Community,

I’m developing a SaaS application that needs to integrate with multiple Freshworks organizations. I’ve created an OAuth app in one Freshworks organization, but when I try to authorize users from a different Freshworks organization, I’m getting the following error:

https://pulsegen-870596516505059269.myfreshworks.com/org/authorize/error?error=invalid_request&error_id=1NZ0q84nE5ccJIVWzxFMlR

My Setup:

  • OAuth app created in Organization A
  • Trying to authorize users from Organization B
  • Getting invalid_request error during OAuth flow

Questions:

  1. Does Freshworks support cross-organization OAuth? Can an OAuth app created in one organization authorize users from different Freshworks organizations?
  2. If not supported, is this a current limitation or architectural design decision?
  3. What’s the recommended approach for SaaS applications that need to connect with multiple Freshworks organizations? Do we need to create separate OAuth apps in each client organization?
  4. Are there any plans to support cross-organization OAuth in the future?

Expected Behavior: As a SaaS provider, I should be able to create one OAuth app that can authorize users from multiple Freshworks organizations.

Current Workaround: Creating individual OAuth apps in each client organization, but this creates management overhead.

Any guidance or official documentation on this would be greatly appreciated!

Technical Details:

  • Using Freshworks OAuth 2.0 flow
  • Following standard OAuth implementation practices
  • Error occurs specifically during cross-organization authorization

Thanks in advance for your help!
Naman

Hi Naman, thanks for reach out to us.
Wanted to clarify,

  1. You have an oauth credentials created from an organisation
  2. Built an marketplace app with that
  3. Using the credentials, you are trying to authorize another organisation.
    Is the understanding right?

I tried to setup OAuth 2.0 in Freshservice to another Freshservice but it needs a custom header and there are no support for that in Freshservice.

        "customHeaders": {
          "Authorization": "Basic BASE64_ENCODED_VALUE_OF_YOUR_CLIENT_ID:YOUR_CLIENT_SECRET"
        }