API Reference
The external ticket API is mounted under /api/v1. Most ticket endpoints require an active API client and the matching scope.
Authentication
curl -H "Authorization: Bearer tpk_your_token" \
http://localhost/SupportDesk/public/api/v1/tickets
Use either Authorization: Bearer or X-Api-Key. Missing tokens return 401. Inactive or invalid tokens return 401. Missing scopes return 403.
Idempotency
Mutating API requests can include Idempotency-Key. The app caches the response for the same client, endpoint, scope, and payload. Reusing a key for a different payload returns 409.
Ticket Endpoints
| Method | Path | Scope | Purpose |
|---|---|---|---|
| GET | /tickets/lookups | tickets.read | Departments, categories, priorities, statuses, agents, organizations, tags, issue groups, context providers, and bulk actions. |
| POST | /tickets/suggestions/preview | tickets.read | Preview draft suggestions. |
| GET | /tickets | tickets.read | Paginated ticket list with filters. |
| POST | /tickets | tickets.write | Create an internal-style ticket. |
| POST | /tickets/requester-intake | tickets.write | Create a requester/public-style ticket. |
| GET | /tickets/{ticket} | tickets.read | Read ticket detail. |
| PUT | /tickets/{ticket} | tickets.write | Update ticket metadata and custom fields. |
| POST | /tickets/bulk-update | tickets.bulk | Bulk assign, department, status, or priority changes. |
| POST | /tickets/{ticket}/transition | tickets.transitions | Change ticket status. |
| POST | /tickets/{ticket}/reply | tickets.reply | Add customer-facing reply. |
| POST | /tickets/{ticket}/note | tickets.write | Add internal note. |
| POST | /tickets/{ticket}/attachments | tickets.attachments | Upload attachments. |
| GET | /tickets/{ticket}/attachments/{attachment} | tickets.attachments | Download an attachment. |
Webhook Delivery Endpoints
| Method | Path | Scope | Purpose |
|---|---|---|---|
| GET | /webhooks/deliveries | webhooks.read | List delivery records. |
| POST | /webhooks/deliveries/{webhookDelivery}/replay | webhooks.write | Replay an outbound delivery. |
| POST | /webhooks/inbound/ticket-updates | webhooks.write | Receive an external ticket update and map it to reply or note. |
Create Ticket Example
curl -X POST http://localhost/SupportDesk/public/api/v1/tickets \
-H "Authorization: Bearer tpk_your_token" \
-H "Idempotency-Key: create-ticket-1001" \
-H "Accept: application/json" \
-F "subject=Cannot login" \
-F "description=The requester sees an access denied message." \
-F "department_id=1" \
-F "category_id=4" \
-F "priority_id=2" \
-F "status_id=1"
Public Update and Update Delivery APIs
The update service exposes license activation, remote update check, and update download endpoints under /api/v1. These are product-update endpoints, not general ticket integration endpoints. Do not expose update tokens beyond trusted update infrastructure.
Screenshots To Add
These placeholders are intentionally kept in the docs so release screenshots can be dropped in later without changing the written guide for API Reference.