How to send authorization data when creating a ticket?


  • Used Zammad version: 2.8.x
  • Used Zammad installation source: package
  • Operating system: Debian
  • Browser + version: Mozilla

How to send authorization data when creating a ticket?
Login/Password or auth link to ticket

The user will automatically be prompted for his username and password, before he can access Zammad.
If you’re referencing to Zammad’s API, you can use an API-Key or HTTP authentication.

I’m sure our Documentation might bring you forward here:

How get user password in triggers template?
#{ticket.customer.password} have password HASH

That’s because Zammad does store the passwords hashed (in the user table).
You can’t change that and I honestly wouldn’t recommend trying to workaround that.

Storing passwords in cleartext is bad practise.

Ok. How can I send a link to authorize a user via HTTP authentication?

The user has to type in his password during a log in.
What are you planning to do?

Please describe your use case, maybe we’ll find a solution then.

I want create fast login link to ticket in Create ticket email message

So you want to pass the authentication in the clickable link? Something like https://zammad.mydomain.local/%USER&&%PASSWORD% ? (pseudo)

Have you considered implementing SSO? I might be wrong but i think some people did it with an apache server.


1 Like

I agree, this is single sign on and would be the better way in doing it.
Passing on user credentials (especially via URL) is a very bad idea and leads to potential security issues (and the loss of control that I really am the correct user)

As far as I know, you need apache with kerberos for this.
You could take a look at this github issue, this might lead you into the right direction:

1 Like

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.