Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Valid API key required trying to create a ticket via API

I'm trying to create a new ticket via API but it always respond me 'Valid API Key required'.

I have setted corretly the API Key, and take like sample the piping email code.

This is my code:


# Configuration: Enter the url and key. That is it.
# url => URL to api/ e.g
# key => API's Key (see admin panel on how to generate a key)

$config = array(

function_exists('file_get_contents') or die('upgrade php >=4.3');
function_exists('curl_version') or die('CURL support required');
#read stdin (piped email)
$data='<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<ticket alert=\"true\" autorespond=\"true\" source=\"API\">
<name>Angry User</name>
<subject>Testing API</subject>
<phone ext=\"123\">318-555-8634</phone>
<message><![CDATA[Message content here]]></message>
<file name=\"file.txt\" type=\"text/plain\"><![CDATA[
File content is here and is automatically trimmed
<file name=\"image.gif\" type=\"image/gif\" encoding=\"base64\">

#set timeout

#curl post
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $config['url']);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_USERAGENT, 'osTicket API Client v1.7');
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Expect:', 'X-API-Key: '.$config['key']));

//Use postfix exit codes...expected by MTA.
$code = 75;
if(preg_match('/HTTP\/.* ([0-9]+) .*/', $result, $status)) {
echo $result;
echo '<br/><br/>';
echo print_r($status);
switch($status[1]) {
case 201: //Success
$code = 0;
case 400:
$code = 66;
case 401: /* permission denied */
case 403:
$code = 77;
case 415:
case 416:
case 417:
case 501:
$code = 65;
case 503:
$code = 69;
case 500: //Server error.
default: //Temp (unknown) failure - retry
$code = 75;


And this is the result:

HTTP/1.1 401 Unauthorized Date: Tue, 16 Apr 2013 08:23:26 GMT Server: Apache/2.4.3 (Win32) OpenSSL/1.0.1c PHP/5.4.7 X-Powered-By: PHP/5.4.7 Set-Cookie: PHPSESSID=6sv6khgcs4sf2g79slielqccf0; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Status: 401 Unauthorized Connection: Close Content-Length: 22 Content-Type: text/html; charset=UTF-8 Valid API key required

Array ( [0] => HTTP/1.1 401 Unauthorized [1] => 401 ) 1
This is the configuration of the API key:
API Key is auto-generated. Delete and re-add to change the key.
IP Address:
API Key: 5D42A08394AE6CB5336D2EE5DB42E3DB

The IP is the IP from which the request is made, Is it correct?
What can I do?



  • Nobody can help me? :(
  • Sorry that's not part of osTicket that I have really played with. I've been meaning to try it out to see if I can replicate your issues but haven't had a chance to yet.
  • Don't worry. I've found the problem. It was taken ::1 like the IP, and not the local machine IP.

    Thanks anyway.
  • Hello Jaalarcon,

    Can you tell me how you fixed the IP issue? I think I have the same problem and I could not find out how to fix it. 
    Thanks a lot
  • I've been playing with the API in the last week and have not had a problem with this.  Make sure that you enter the IP address that the request is coming from.
  • Don't worry. I've found the problem. It was taken ::1 like the IP, and not the local machine IP.

    Thanks anyway.
    how did you fix the issue I am still have same your issue would please share us the change on code ?
  • Improper hostname resolution was the problem here for me; Make sure your servers FQDN resolves to locally if using that as the API key's authorized IP as stated in the setup instructions. 

    Otherwise, check your web server logs to see where the request is coming from after running the script and use the requesting IP when setting up your API key.

  • I have the some problem
  • @busne this thread is from 2013.
    Please do not be an evil necromancer.
    Killing zombie thread with a head shot.
This discussion has been closed.