Currently, when configuring external data sources in Zammad that require HTTP token authentication, the token prefix is fixed as “Bearer”.
However, some APIs, such as BookStack, require the Authorization header to use a different prefix, for example:
Authorization: Token <tokenid>:<tokenkey>.
This causes integration failures with 401 errors because Zammad sends the header with “Bearer” and does not allow changing this prefix.
As a temporary workaround, a proxy must be created to modify the header or BookStack’s code must be altered, which is neither practical nor scalable.
I would like Zammad to allow configuring the token prefix in the HTTP authentication for external data sources, enabling selection between “Bearer”, “Token”, or a custom value.
This would facilitate direct integrations with APIs using different authorization schemes, improving flexibility and eliminating the need for external workarounds.
In my environment, multiple agents and support teams use Zammad, and this improvement would greatly simplify managing integrations with external systems.