Tickiti

List responses API

This article and the rest of the API documentation in this section are written for a technical audience — integrators and developers connecting external systems to Tickiti. Familiarity with HTTP, REST, JSON and bearer-token authentication is assumed.

The responses endpoint returns just the conversation on a ticket — the same responses array Show ticket returns, without the ticket header. Use it when you already know the ticket and only need its replies: to read the thread including internal staff notes, or to enumerate a response’s attachments before downloading one.

Endpoint

POST /api/v1/tickets/responses

Headers

  1. Authorization: Bearer YOUR_TOKEN — required. Token must have the tickets:read ability. A tickets:write token also works (write implies read).
  2. Content-Type: application/json — required. No Idempotency-Key is needed (this is a read).

Body

Required fields:

  1. ticket_number — the 6-digit number of the ticket whose responses to list. The ticket must exist and be in a queue the acting user can see.

Example

curl -X POST https://support.sole-provider.example/api/v1/tickets/responses \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "ticket_number": "220009"
  }'

Successful response

An ordered responses array (pinned first, then oldest to newest), identical in shape to the array Show ticket returns. Includes internal staff notes (is_internal: true), which is the value over the summary-only List tickets endpoint.

{
  "ok": true,
  "data": {
    "ticket_number": 220009,
    "responses": [
      {
        "id": "41",
        "is_internal": true,
        "is_pinned": false,
        "staff_response": true,
        "created_by_email": "priya.sharma@sole-provider.example",
        "created_at": "2026-05-02T10:05:11+00:00",
        "updated_at": "2026-05-02T10:05:11+00:00",
        "is_email_sourced": false,
        "html": "<p>Internal note: replacement authorised.</p>",
        "plain_text": "Internal note: replacement authorised.",
        "attachments": []
      }
    ]
  }
}

Error responses

  1. 422 validation_failedticket_number missing.
  2. 404 not_found — no ticket has that number.
  3. 401 unauthenticated — bad or missing token.
  4. 403 forbidden — token lacks the tickets:read (or tickets:write) ability, the user it acts as lacks access to the ticket’s queue, or the token owner is not a staff account.

What happens server-side

  1. Tickiti locates the ticket by ticket_number and applies the same queue-access check as the staff interface.
  2. It returns every non-deleted response on the ticket — public and internal — each with its attachment metadata.