Zendesk MCP | API Key Zendesk connector for AI agents

CALL ANY TOOL

Create, update, reply, and search tickets. Manage users and organizations. Same toolkit, every framework, no auth plumbing.

zendesk_search_tickets

Search tickets

Search Zendesk tickets using full Zendesk query syntax with pagination (max 1,000 results).

Parameters

Name

Type

Required

Description

query

string

Required

Search query using Zendesk syntax (e.g. status:open priority:urgent)

page

number

Optional

Pagination page number

per_page

number

Optional

Results per page, max 100

sort_by

string

Optional

Sort field

sort_order

string

Optional

Sort direction: asc or desc

zendesk_ticket_create

Create ticket

zendesk_ticket_get

Get ticket

zendesk_ticket_reply

Reply to ticket

zendesk_ticket_update

Update ticket

zendesk_ticket_comments_list

List ticket comments

Build your Agent

Drop the toolkit in, point it at the agent, and your automation can triage, reply, and escalate Zendesk tickets from the first run.

Copied

import { ScalekitClient } from "@scalekit-sdk/node";
import { DynamicStructuredTool } from "@langchain/core/tools";
import { createReactAgent } from "@langchain/langgraph/prebuilt";
import { z } from "zod";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["zendesk"], toolNames: ["zendesk_search_tickets", "zendesk_ticket_get", "zendesk_ticket_reply"] },
  pageSize: 100,
});

const lcTools = tools.map((t) => new DynamicStructuredTool({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  schema: z.object({}).passthrough(),
  func: async (args) => {
    const { data } = await sk.tools.executeTool({
      toolName: t.tool.definition.name,
      identifier: "user_123",
      params: args,
    });
    return JSON.stringify(data);
  },
}));

const agent = createReactAgent({ llm, tools: lcTools });

Copied

import { ScalekitClient } from "@scalekit-sdk/node";
import OpenAI from "openai";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["zendesk"], toolNames: ["zendesk_search_tickets", "zendesk_ticket_get", "zendesk_ticket_reply"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  type: "function",
  function: {
    name: t.tool.definition.name,
    description: t.tool.definition.description,
    parameters: t.tool.definition.input_schema,
  },
}));

const resp = await openai.responses.create({
  model: "gpt-4o", input: prompt, tools: llmTools,
});

import { ScalekitClient } from "@scalekit-sdk/node";
import Anthropic from "@anthropic-ai/sdk";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["zendesk"], toolNames: ["zendesk_search_tickets", "zendesk_ticket_get", "zendesk_ticket_reply"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  input_schema: t.tool.definition.input_schema,
}));

const msg = await anthropic.messages.create({
  model: "claude-sonnet-4-6", max_tokens: 1024,
  tools: llmTools,
  messages: [{ role: "user", content: prompt }],
});

Copied

import { Agent } from "@google/adk/agents";
import {
  MCPToolset, StreamableHTTPConnectionParams,
} from "@google/adk/tools/mcp";

const toolset = new MCPToolset({
  connectionParams: new StreamableHTTPConnectionParams({
    url: "https://mcp.scalekit.com/zendesk",
    headers: { Authorization: `Bearer ${userScopedToken}` },
  }),
});

const agent = new Agent({
  name: "agent", model: "gemini-2.0-flash",
  tools: await toolset.getTools(),
});

Try these prompts

Paste any prompt into your agent to automate Zendesk support workflows.

Triage & escalation

Copy the prompt

Copied

List all urgent tickets unassigned in the last 24 hours.

Copy the prompt

Copied

Which open tickets have no reply in more than 48 hours?

Copy the prompt

Copied

Find all tickets tagged [bug] with priority high.

Copy the prompt

Copied

Show me all tickets from [customer name].

Action & replies

Copy the prompt

Copied

Reply to ticket #[id]: [response text].

Copy the prompt

Copied

Assign ticket #[id] to [agent email].

Copy the prompt

Copied

Close all solved tickets older than 30 days.

Copy the prompt

Copied

Add tag [escalated] to ticket #[id].

Reporting & insights

Copy the prompt

Copied

How many open tickets are there by priority?

Copy the prompt

Copied

List all tickets created today grouped by type.

Copy the prompt

Copied

What is the average first reply time this week?

Copy the prompt

Copied

Show all tickets assigned to [agent name] with status open.

SEE HOW AUTH WORKS

Users authorize Zendesk once. Their help desk credentials stay vaulted, every call is checked, and every action is logged.

1

Authorize

Your user connects

Zendesk

once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access

Who:

user ‘A’

when:

Once per user

access:

Limited to user

2

Store

Their

Zendesk

token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection

vault:

encrypted

scope:

per-user

tokens:

auto-refreshed

3

Resolve

When your agent calls a

Zendesk

tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs

speed:

~40ms

check:

before every call

seen by:

nobody

4

Audit

Every

Zendesk

tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it

history:

90 days

export:

SIEM-ready

logged:

every call

Test other agents

Same per-user auth pattern across other support agents and MCP connectors. Working code, live demos, fork what fits.

SUPPORT

Support ticket automation (Google ADK)

Google ADK agent that classifies Zendesk tickets, pulls Notion context, and posts to Slack. End-to-end ticket handoff.

SUPPORT

Support triage agent

Read Zendesk tickets, fetch runbooks from Notion, and route to the right Slack channel with a drafted response.

Why Scalekit

Secure your agent's access. Connectors ship in minutes

Other connector libraries treat auth as a demo afterthought. Scalekit starts with agent identity, scope enforcement, and audit.

01.

Tickets updated under the wrong agent

A shared Zendesk token looks fine in a demo. In production, every ticket reply, update, and assignment logs as the integration account. SLA attribution breaks. Per-agent CSAT and throughput metrics break. Scalekit resolves the support agent's own credential, so Zendesk sees the right person on every action.

// shared bot token
token = "sk_zendesk_shared_xxx"
audit → bot_service_account
agent_filter → broken

// scalekit · per-user
token = resolve(user_id)
audit → user_abc
scope → enforced ✓

02.

Authentication is not authorization

03.

Multi-tenancy is architectural

04.

Zendesk today. Freshdesk, Intercom, Jira tomorrow.

“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”

Venu Madhav Kattagoni

Head of Engineering / Von

FAQs

Frequently Asked Questions

Does the agent access Zendesk as the user or as a shared key?

As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.

Where is the Zendesk api key stored?

In Scalekit's managed AES-256 token vault, namespaced per tenant. Refresh is automatic. Revocation is a single dashboard action. Tokens never appear in prompts, logs, or LLM context.

Can I limit what the agent is allowed to do in Zendesk?

Yes. Pass a tool name filter to listScopedTools so the support agent only sees the subset you authorize. Pre-API-call scope checks block out-of-policy actions before the request reaches Zendesk.

What happens when a user revokes Zendesk access?

The connection is invalidated on the next tool call. Subsequent requests for that user fail closed with a clear error. Other users in the tenant remain unaffected. The event is logged for audit.

Can the agent reply on behalf of an agent without their seat?

No. Each Zendesk agent authorizes once with their own credential. Replies and updates show the actual agent in audit logs. Seat licensing and role permissions are unchanged.

Zendesk

Tools your support agent reaches for on Zendesk, scoped per user.