Desk360 API is a Representational State Transfer (REST) structure that provides operations such as:
◾
Reading
◾
Modifying
◾
Adding data
from your help desk.
Desk360 APIs also support Cross-Origin Resource Sharing (CORS).
✨
HTTP Methods
The list of API commands used by Desk360
Command
Description
GET
Fetches object(s)
POST
Creates an object
PUT
Updates/Modifies an object
All API requests must reach the secure endpoint i.e. HTTPS only
💨
Rate Limit
This rate limit applies based on IP address.
The limits will be company based rather than IP based in the future.
Plan
Rate Limit/Minute
Free
10
Business
100
Enterprise
Up to your demand. For further requests, contact us.
Make sure to apply the rate limit-best practices and it stays within the rate limit.
Make sure to make API calls in a safe layer such as your backend, notfront-end or your mobile application.
Remind that even invalid requests are included in the rate limit.
Check your current rate limit status by looking at the following HTTP headers returned in response to each API request:
1
HTTP/1.1200OK
2
Content-Type:application/json
3
X-RateLimit-Limit:180
4
X-RateLimit-Remaining:178
Copied!
Title
Description
X-RateLimit-Limit
Total number of API calls allowed per minute.
X-RateLimit-Remaining
The number of requests remaining in the current rate limit window.
X-RateLimit-Reset
The reset time in Unix epoch time format.
Retry-After
The number of seconds you should wait in order to trigger your next API request.
This header is returned only when the rate limit is reached.
If your API request is received after the rate limit is reached, Desk360 will return an error in the response. The Retry-After value in the response header will tell you how long to wait before sending another API request.
1
HTTP/1.1200OK
2
Content-Type:application/json
3
Retry-After:26
Copied!
🚀
Getting Started
🔒
Authentication
Who can access my helpdesk? Can anyone see my data?
Before prioritizing a ticket or responding to a user or using any of the APIs listed above, you must authenticate or log in as you sign in to your helpdesk web portal.
To authenticate the request, you can use your personal. You can access this API key directly from the panel, or you can obtain your API token with a request with your username and password.
All Desk360 API endpoints (except login) need this token in order to respond to your request.
Option 1: Obtain your token with a request.
If you enable password access from your Desk360 Panel / Settings / API you can directly use v1/login endpoint in order to create/obtain an API token. This API will return an API token if it is already created, if not it will auto-generate a token and returns it.
To make it secure, the maximum wrong login attempt is fixed to 5 per minute.
Correct attempts do not affect the limits.
get
https://api.desk360.com
/v1/login
Login
cURL
C#
Java
JavaScript
PHP
Python
1
curl --location --request POST 'https://api.desk360.com/v1/login'\
The following endpoints are supported with attachments:
◾
Replying to a ticket
◾
Adding a note to a ticket
Please follow the guidelines listed below:
Only files on a local machine can be added using the API. You can not use links!
Content-Type should always be multi-part/form-data for attached requests.
❌
Errors
I received an error. How can I solve it?
API requests that cause errors will return an appropriate HTTP status code to help determine the type of error. You can use the following table to understand what each code means:
HTTP Status Code
Status Code Definition
Description
400
Client or Validation Error
The request body/query string is not in the correct format.
For example, the Create a ticket API requires the email field to be submitted as part of the request, and if it is missing, this status code is returned.
401
Authentication Failure
This indicates that the Authorization field is either missing or incorrect.
The request contains an invalid ID / Desk360 domain or invalid parameters in the URL.
For example, an API call to retrieve a ticket with an invalid ID will return an HTTP 404 status code to inform you that no such ticket exists.
405
Method not allowed
This API request has used the wrong HTTP method.
For example, a DELETE requested on /products endpoint will return an HTTP 405 as /products allows only GET requests.
406
Unsupported Accept Header
Only application/json and */* are supported. When uploading files multipart/form-data are supported.
415
Unsupported Content-type
Only application/json is supported.
429
Rate Limit Exceeded
The API rate limit allowed for your Desk360 domain has been exhausted. Check Rate Limit.
500
Unexpected Server Error
You can't do much more here. This indicates an error on the Desk360 side. Please email us your API script with response headers. We will contact you and fix this issue as soon as possible.
Sample error response
In addition to the HTTP status code, most errors also return a response with more information to help you troubleshoot the error. An example error response is shown below. The format of the error response is explained after the example.
1
"error": {
2
"code": "failed_validation",
3
"message": "The status field is required."
4
"doc_url": "https://docs.desk360.com/api"
5
}
6
}
Copied!
Error Response Fields
Field
Description
code
Custom error code that is machine-parseable.
message
Descriptive error message.
doc_url
A link to guide you if there is a solution on the documentation.
Error Codes
Code
Description
authentication_exception
Authentication failed. The token is missing or invalid. Do not forget to put "Bearer" in the beginning of your token. eg: "Bearer YOUR-API-TOKEN"
method_not_allowed_exception
If the method and endpoint is mismatched, you will get this error. Please check the endpoint method. eg: Products only allows GET method.
not_found_exception
You may have made a typo in your request URL.
model_not_found_exception
Requested resource not found, the resource maybe deleted or maybe the resource is not yours.
internal_server_error
The error is coming from our servers. If you have been receiving this error message for a while, contact us.
You can enable password access from your Desk360 Panel Settings. Check Authentication to learn how to enable password access.
too_many_attempts
If you entered your email/password wrong more than 5 times, you should wait for a minute.
not_authorized
You do not have permission to modify the resource.
not_found
Requested resource not found, the resource maybe deleted or maybe the resource is not yours.
status_update_failed
Status update failed. You can only set Resolved (1) or Waiting (2), also, if the ticket is resolved you can not change the reason.
facebook_integration_error
instagram_integration_error
twitter_integration_error
Check your integration is still active from your Desk360 Panel. If it is active and you getting the error, the issue might be coming from Facebook/Twitter servers.
email_error
There is an error while sending the email. The email might be invalid.
non_custom_type
You can not update/delete non-custom types.
failed_validation
This is a validation error, please read the message and apply what it says.
📄
Pagination
API responses that return a list of objects are paginated, for example, View Ticket List. Add the parameter page to the query string to navigate through the pages. The page number starts from 1 and each page is fixed to show 20 objects.
If you are on the last page the link header will not be filled.
✅
Best Practices
Whenever it is possible, please queue API calls on your side. This allows you to buffer recent calls to avoid reaching the rate limit. Once you reach the rate limit, retry API calls after the retry period.
Whenever it is feasible, cache the data that does not change much on your side. For example, the mapping between agent name and ID is extremely unlikely to change, so it is a useful approach to cache this data to avoid the rate limit.
Avoid making API calls directly from a mobile app, instead, send the request to your servers and make API calls from there. This ensures that if an API endpoint is changed, you can make and deploy the change on your server instead of updating your application and forcing your users to the latest version.
🎫
Products & Tickets
Apart from its competitors, Desk360 enables its customers to manage multiple products under one account. Therefore, for the ticket transactions, you must first determine the product under which you will perform these transactions. For exampleproducts/1/tickets shows tickets for the product with the Product ID 1.
var data =JSON.stringify({"name":"John Doe","email":"[email protected]","reason_id":1,"description":"Hello World!","status":1,"assign_to_agent_id":2});