Important change in API access: Passwords will no longer be used

Zendesk has announced a major change that may impact how you or your team authenticate with their APIs. Starting December 31, 2025, it will no longer be possible to use an email address and password for API access. This change applies to both current and former users of this authentication method.

1) Why is Zendesk removing password-based API access?

The use of passwords for API access is no longer considered a secure practice. By removing this option, Zendesk is taking a critical step toward improving API security, reducing the risk of unauthorized access, and protecting user data from potential threats. This update aligns with industry best practices for API authentication and data protection.

2) What do you need to do?

If you are still using email and password to access the Zendesk API, you must switch to a more secure authentication method before December 31, 2025. Zendesk recommends two secure alternatives:

• API Token – the simplest and fastest solution for most users.

• OAuth – recommended for more complex integrations and systems with multiple users.

In most cases, replacing your password with an API token in your API client will be sufficient. This change requires minimal effort and can be implemented quickly.

Need help switching to secure Zendesk API authentication?

For detailed guidance on how to migrate to API tokens or OAuth, or if you need help configuring your integration, feel free to contact us.