I am developing a ticket sidebar app that needs to communicate with my endpoint. Since zendesk has a couple of tokens available (settings, OAuth..) which is the best for this case?
This depends on how you authenticate to your external API. Zendesk supports basic authentication and OAuth flow using authorization token.
Here is an example for authentication using pre-generated access token: first, store the token in manifest.json file
{
...
"parameters": [
{
"name": "token",
"type": "password",
"required": true,
"secure": true
}
]
}
Then, set the authorization header:
headers: {"Authorization": "Bearer {{setting.token}}"}, and add a secure: true property to the request options:
var options = {
url: 'https://www.example.com/api/v2/endpoint.json',
headers: {"Authorization": "Bearer {{setting.token}}"},
secure: true,
type: 'GET',
contentType: 'application/json'
};
var client = ZAFClient.init();
client.request(options).then(...);
For OAuth authorization flow (recommended), zendesk will handle the flow for you. All you need is enter the client details in manifest file. See https://developer.zendesk.com/documentation/apps/app-developer-guide/using-the-apps-framework/#using-oauth