---
title: "Zendesk Ticketing API: Auth, Endpoints & Rate Limits"
description: "How the Zendesk Ticketing API works: token and OAuth auth, ticket and user endpoints, rate limits, pagination, and Knit's unified API."
source_url: "https://www.getknit.dev/blog/zendesk-ticketing-api"
page_type: "blog"
---

_This is an educational blog post from Knit's blog: “Zendesk Ticketing API: Auth, Endpoints & Rate Limits”._

# Zendesk Ticketing API: Auth, Endpoints & Rate Limits

The Zendesk Ticketing API (part of Zendesk's Support API, under `/api/v2/`) is the REST interface for managing tickets, users, organizations, and views in a Zendesk account. It authenticates with an API token (Basic auth) or an OAuth access token (Bearer), returns JSON, and is rate-limited per minute based on your Zendesk plan.

This page covers how authentication works, the endpoints and objects you'll use most, rate limits and pagination, and where Knit's [unified API](https://getknit.dev/integration-categories/ticketing-api) fits if you're connecting Zendesk alongside other ticketing tools.

## Authentication

Zendesk supports two authentication methods: **API tokens**, sent as Basic auth using `{email}/token:{api_token}`, and **OAuth access tokens**, sent as `Authorization: Bearer <access_token>`. API token access must be explicitly enabled by an admin before tokens work, and OAuth is required if you're distributing an integration to multiple Zendesk accounts ([Zendesk Developer Docs, Security and authentication](https://developer.zendesk.com/api-reference/introduction/security-and-auth/)).

For the full walkthrough - enabling token access, generating a token, and a working curl example - see [How to Get a Zendesk API Token](https://getknit.dev/integration/zendesk-ticketing/api-key).

## Core objects and endpoints

| Resource | Example endpoint | What it's for |
| --- | --- | --- |
| Tickets | `GET/POST/PUT /api/v2/tickets.json`, `/api/v2/tickets/{id}.json` | Create, read, update, and list support tickets |
| Users | `GET /api/v2/users.json`, `/api/v2/users/{id}.json` | List or look up agents, admins, and end users |
| Organizations | `GET /api/v2/organizations.json` | List and manage customer organizations |
| Search | `GET /api/v2/search.json?query={query}` | Query tickets, users, and organizations with a unified search syntax |
| Ticket comments | `GET /api/v2/tickets/{id}/comments.json` | Read the conversation history on a ticket |
| Views | `GET /api/v2/views/{id}/execute.json` | Run a predefined ticket view (saved filter) |
| Incremental exports | `GET /api/v2/incremental/tickets/cursor.json` | Bulk-export tickets (or users/organizations) changed since a point in time |

## Common tasks

*   **Create a ticket**: `POST /api/v2/tickets.json` with a `ticket` object containing `subject`, `comment.body`, and a `requester` (email or ID).
*   **Update a ticket**: `PUT /api/v2/tickets/{id}.json` with the fields to change, such as `status` or `priority` - note the 30-updates-per-10-minutes-per-agent limit on this endpoint.
*   **List or search tickets**: `GET /api/v2/search.json?query=type:ticket status:open` for filtered results, or `GET /api/v2/tickets.json` for all tickets with pagination.
*   **Read a ticket's conversation**: `GET /api/v2/tickets/{id}/comments.json` returns the public and internal comments on a ticket in order.
*   **Bulk-sync changed records**: use the incremental export endpoints (`/api/v2/incremental/tickets/cursor.json`, etc.) to pull everything changed since a given timestamp - the recommended approach for keeping an external system in sync.

## Rate limits and pagination

Zendesk's Support and Help Center API rate limits depend on your plan, documented at [developer.zendesk.com/api-reference/introduction/rate-limits](https://developer.zendesk.com/api-reference/introduction/rate-limits/):

| Plan | Requests per minute |
| --- | --- |
| Team | 200 |
| Growth / Professional | 400 |
| Enterprise | 700 |
| Enterprise Plus / High Volume add-on | 2,500 |

Every response includes `X-Rate-Limit` and `X-Rate-Limit-Remaining` headers (Ticketing endpoints also add `ratelimit-limit`, `ratelimit-remaining`, and `ratelimit-reset`). Exceeding the limit returns `429 Too Many Requests` with a `Retry-After` header. Some endpoints carry their own tighter limits regardless of plan - for example, the **Update Ticket** endpoint allows only 30 updates to the same ticket by the same agent within 10 minutes, and incremental export endpoints are capped at 10 requests/minute (30 with the High Volume add-on).

For pagination, Zendesk recommends **cursor pagination**: pass `page[size]` (max 100) and follow `links.next` until `meta.has_more` is `false`. The older offset pagination (`page=N&per_page=...`) is capped at the first 100 pages / 10,000 records - requests beyond that return `400 Bad Request` ([Zendesk Developer Docs, Pagination](https://developer.zendesk.com/api-reference/introduction/pagination/)).

## Build it yourself vs. use a unified API

Calling the Zendesk API directly works well for a single account: enable token access, handle the Basic-auth encoding, and watch the per-minute and per-endpoint rate limits. It gets more involved once you're connecting Zendesk alongside other ticketing systems - each with its own auth scheme, object model, and pagination style.

Knit's [unified Ticketing API](https://getknit.dev/integration-categories/ticketing-api) normalizes Zendesk tickets, users, and comments alongside connectors like Freshdesk, Intercom, and Jira behind one schema, handles the token/OAuth setup described in the [Zendesk API token guide](https://www.getknit.dev/blog/zendesk-ticketing-api-key), and manages rate-limit backoff for you. See Knit's Zendesk Ticketing connector for what's available, or [book a demo](https://getknit.dev/book-demo) to see it against your own account. You can also [sign up free](https://dashboard.getknit.dev/signup) and connect a sandbox Zendesk account.

## FAQ

**Is the Zendesk Ticketing API a REST API?**

Yes - it follows REST conventions under `/api/v2/`, using GET, POST, PUT, and DELETE on resource URLs with JSON bodies. It's part of Zendesk's broader Support API, which also includes the Help Center API (separate rate limit) and Side Conversations API.

**How do I authenticate to the Zendesk Ticketing API?**

Use either an API token with Basic auth (`{email}/token:{api_token}`, base64-encoded) or an OAuth access token sent as `Authorization: Bearer <token>`. API token access must be turned on by an admin in Admin Center before tokens work. See the Zendesk API token guide for setup steps.

**How do I sync all my Zendesk tickets into another system?**

Use the incremental export endpoints (`/api/v2/incremental/tickets/cursor.json` and equivalents for users and organizations), which return everything changed since a given timestamp using cursor-based pagination — designed for bulk sync rather than one-off queries. These endpoints have their own tighter rate limit (10/minute, or 30/minute with the High Volume add-on). Knit's unified API exposes equivalent sync primitives across ticketing connectors without needing endpoint-specific incremental-export logic.

**What happens if I exceed Zendesk's API rate limits?**

Zendesk returns `429 Too Many Requests` with a `Retry-After` header specifying how many seconds to wait. The `X-Rate-Limit` and `X-Rate-Limit-Remaining` headers on every response let you monitor usage before hitting the limit. Limits range from 200 to 2,500 requests/minute depending on your plan, and some endpoints (like ticket updates) have their own separate caps. Knit handles this backoff automatically across the Zendesk connections it manages.


## Related pages

- [How Knit works](https://md.getknit.dev/how-knit-works)
- [Unified API product](https://md.getknit.dev/products/unified-api)
