And found the option to add applications in the configurations /#system/api
But I couldn’t find any doc elaborating on this further (e.g. how to set App-ID and secret, which endpoints exactly to call to receive a token etc.)
Does anyone have any idea where I find information to get into it a bit further?
(Use case: I would like to use an authentication in a little external webapp which has no data-backend, i.e. without having to set up an extra user database/identitiy provider… In the future I want to implement various ways to interact via the zammad api from there but for a start I want to realize the user administration with zammad).
Hi Valentin, same situation and issue here. I’d love to have more detailed documentation but cannot find any except the ones you linked.
I found a couple more information by simply clicking through Zammad.
You can register an application at Settings > API > Applications (OAuth Authentication)
I don’t understand why but you can find/change ClientID and Secret by clicking the view column after registering an application.
You can find the URLs for oauth at the bottom of the page.
I was able to successfully authorize my application with a users Zammad account using /oauth/authorize?client_id={app-id in Zammad}&client_secret={secret in zammad}&redirect_uri={my callback url}
Unfortunately the /oauth/tokens endpoint does not seem to exist in my case as well as there is no documentation on how to exchange the code for an access token.