Hi,
I read about the possibility to use Zammad as an identity provider: (API - Add allowed origin on self-hosted Zammad Server - #7 by thorsteneckel)
And found the option to add applications in the configurations /#system/api
But I couldn’t find any doc elaborating on this further (e.g. how to set App-ID and secret, which endpoints exactly to call to receive a token etc.)
Does anyone have any idea where I find information to get into it a bit further?
(Use case: I would like to use an authentication in a little external webapp which has no data-backend, i.e. without having to set up an extra user database/identitiy provider… In the future I want to implement various ways to interact via the zammad api from there but for a start I want to realize the user administration with zammad).
Thanks a lot
Best Valentin
1 Like
Hi Valentin, same situation and issue here. I’d love to have more detailed documentation but cannot find any except the ones you linked.
I found a couple more information by simply clicking through Zammad.
You can register an application at
Settings
> API
> Applications (OAuth Authentication)
I don’t understand why but you can find/change ClientID and Secret by clicking the view
column after registering an application.
You can find the URLs for oauth at the bottom of the page.
I was able to successfully authorize my application with a users Zammad account using
/oauth/authorize?client_id={app-id in Zammad}&client_secret={secret in zammad}&redirect_uri={my callback url}
Unfortunately the /oauth/tokens
endpoint does not seem to exist in my case as well as there is no documentation on how to exchange the code for an access token.