What is API key based authentication

API based authentication is a more secure way to authenticate your API transactions. API keys are more immune to attacks from intruders.


Starting 31st August 2021 Freshdesk will stop supporting username and password based authentication and will be moving to API based authentication as a standard across Freshworks products.


What will change


There is no immediate impact, however, if you are using basic authentication using username/password in your webhooks or any custom apps or any API transaction in Freshdesk, you may have to switch the authentication method to API key-based authentication.


How do I find my API key in Freshdesk

You can find your API key by going to the Profile Settings page in your Freshdesk account.




Sample CURL Command


Here’s an example of how the CURL command will look while using the two types of authentication.


While using username and password based authentication,


curl -v -u user@yourcompany.com:test -H "Content-Type: application/json" -d '{ "description": "Details about the issue...", "subject": "Support Needed...", "email": "tom@outerspace.com", "priority": 1, "status": 2, "cc_emails": ["ram@freshdesk.com","diana@freshdesk.com"] }' -X POST 'https://domain.freshdesk.com/api/v2/tickets'


While using API based authentication,


curl -v -u yourapikey:X -H "Content-Type: application/json" -d '{ "description": "Details about the issue...", "subject": "Support Needed...", "email": "tom@outerspace.com", "priority": 1, "status": 2, "cc_emails": ["ram@freshdesk.com","diana@freshdesk.com"] }' -X POST 'https://domain.freshdesk.com/api/v2/tickets'


While configuring a webhook:


Please select the API key option as displayed below.