Hi Freshdesk community.
I am having issue with oauth with Client credentials flow, basically app is used for Microsoft Business Central data entry for tracking hours in business central and currently in business central they only allow client credentials flow and Freshdesk only support authorization code flow.
I was somehow make with working with the web services key but unfortunately web services key will not longer work after 1st Oct and for this i will need to update the app to oauth authentication.
Any help will be appreciated.
Also i have read the similar thread but unfortunately that doesn’t help as token will refresh.
we also got this problem, it seems that freshdesk is not supporting auth via global token
I’m not aware of the Microsoft Business Central application.
Freshdesk only supports basic authentication with the API key. Currently, support for OAuth is not available. We do not have any estimated timeline for when it will be available.
Please contact Freshdesk support if you need any solution for this problem or to get to know the estimated timeline for OAuth’s availability.
i dont get it why this is not on your timeline it’s a standard since 2007 i think
I can see in the docs of custom app that we are allowed to use Oauth but only grant type with authorization code, not with client credentials.
We need it because microsoft is going to stop support for Api Web Services Key which currently we are using. I see on the other thread they had mentioned that we can use custom iparam page for that but there is a security risk and also that’s only possible if the token is not refreshed.
Please let me know if we can do something with this or is there a way to achieve this? because Business central is currently not supporting the authorization code flow.
@Raviraj do get any information or a person who is able to give us more information?
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
Hi @itnextg and @newaf91018,
Freshworks developer platform only supports 3-legged-OAuth and not 2-legged-OAuth which the “client_credentials” grant type comes under. There’s no way to achieve this OAuth handshake natively.
You can make a direct POST call to get the access token and store it in the key-value storage and use it. When the token expires, the same process can be repeated to get a new token.
There’s a caveat that it will increase the number of API requests and key-value storage usage based on the traffic.