TehProf Support API
REST API for managing support tickets, clients, operators and integrations.
Base URL: https://support.tehprof.kz/api/
Overview
All API endpoints accept JSON request bodies (POST) and return JSON responses.
Every request includes an action parameter that specifies the operation.
{
"action": "list_tickets",
"status": "active",
"page": 1
}
Successful responses:
{
"ok": true,
"data": { ... }
}
Error responses:
{
"ok": false,
"error": "Error description"
}
How to Get an API Key
Follow these steps to create your API key:
| # | Step |
|---|---|
| 1 | Log in to the admin panel (via Bitrix24 app or standalone login at tenant.html) |
| 2 | Navigate to Settings → Integrations |
| 3 | Click the REST API card |
| 4 | Click "Create Key", choose a name, scopes, and expiration |
| 5 | Copy the key immediately — it is shown only once! |
Note: Only users with the
admin role can create API keys. Requires Starter plan or higher.API Access by Plan
API access level depends on your subscription plan:
| Plan | Max Keys | Available Scopes | Rate Limit |
|---|---|---|---|
| Free | — | Widget API only | — |
| Starter | 1 | read, tickets | 60/min |
| Pro | 3 | read, write, tickets, messages, clients | 120/min |
| Business | 10 | read, write, tickets, messages, clients | 300/min |
| Enterprise | ∞ | All scopes (including webhooks) | 600/min |
Scopes:
read — read data, write — create/update, tickets — ticket operations, messages — messages, clients — clients/contacts, webhooks — outgoing webhooks management.Authentication
1. API Key (Recommended for integrations)
Pass your API key via X-Api-Key header. This is the recommended method for external integrations.
POST /api/admin.php
Content-Type: application/json
X-Api-Key: tps_your_api_key_here
{"action": "list_tickets"}
Security: API keys provide access only to your tenant's data (tickets, messages, clients). Admin settings, platform configuration, and other tenants' data are never accessible via API keys.
2. Session Cookie
Login via admin_login action with your tenant email/phone and password. The server sets an httpOnly session cookie.
POST /api/admin.php
Content-Type: application/json
{"action": "admin_login", "login": "admin@company.kz", "password": "your_password"}
3. Bitrix24 OAuth
Used when embedded as a Bitrix24 app. Pass domain and auth_token.
{"action": "list_tickets", "domain": "your.bitrix24.kz", "auth_token": "..."}
4. Mobile Session (HMAC)
Lightweight token-based auth for mobile/external apps. Pass via X-Mobile-Token header or mobile_token in request body.
Important: API keys grant
operator-level access only. You can read and manage tickets, messages, clients — but NOT access admin settings, billing, branding, or platform configuration.Error Handling
| HTTP Code | Meaning |
|---|---|
| 200 | Success (check ok field in response) |
| 400 | Bad request — missing/invalid parameters |
| 403 | Forbidden — authentication failed or insufficient permissions |
| 500 | Internal server error |
Legend:
POST = HTTP method
API Key = available via X-Api-Key header
Admin UI = available only through admin panel (not via API key)
Tickets
POST /api/admin.php API Key
List tickets with filtering and pagination. Scope: read + tickets
| Parameter | Type | Description |
|---|---|---|
| action | string | "list_tickets" |
| status | string | Filter: active | new | in_progress | done | all |
| priority | string | Filter: normal | urgent | low |
| category | string | Filter by category code |
| search | string | Search by subject/description |
| portal_domain | string | Filter by client portal |
| assigned_to | int | Filter by assigned operator ID |
| page | int | Page number (default: 1) |
| limit | int | Items per page (default: 30, max: 100) |
Response: list_tickets
{
"ok": true,
"data": {
"tickets": [
{
"id": 42,
"subject": "CRM не синхронизируется",
"status": "in_progress",
"priority": "urgent",
"category": "crm",
"portal_domain": "client.bitrix24.kz",
"company_name": "ТОО Рога и Копыта",
"assigned_to": 5,
"assigned_name": "Алия Нурбекова",
"created_at": "2026-03-19T10:30:00.000Z",
"updated_at": "2026-03-20T08:15:00.000Z",
"creator_name": "Иван Петров",
"message_count": 7,
"unread_count": 2
}
],
"total": 156,
"page": 1,
"limit": 30
}
}
POST /api/admin.php API Key
Get single ticket with all messages and files. Scope: read + tickets
| Parameter | Type | Description |
|---|---|---|
| action | string | "get_ticket" |
| ticket_id | int | Ticket ID |
Response: get_ticket
{
"ok": true,
"data": {
"ticket": {
"id": 42,
"subject": "CRM не синхронизируется",
"description": "После обновления контакты не подтягиваются...",
"status": "in_progress",
"priority": "urgent",
"category": "crm",
"portal_domain": "client.bitrix24.kz",
"assigned_to": 5,
"assigned_name": "Алия Нурбекова",
"created_at": "2026-03-19T10:30:00.000Z",
"sla_response_at": "2026-03-19T11:00:00.000Z",
"sla_response_breached": false
},
"messages": [
{
"id": 101,
"message": "После обновления контакты не подтягиваются...",
"author_type": "client",
"author_name": "Иван Петров",
"is_note": false,
"created_at": "2026-03-19T10:30:00.000Z",
"files": []
},
{
"id": 102,
"message": "Проверяю настройки синхронизации, отпишу через 10 минут",
"author_type": "support",
"author_name": "Алия Нурбекова",
"is_note": false,
"created_at": "2026-03-19T10:45:00.000Z",
"delivery_status": "read",
"files": []
}
],
"files": []
}
}
POST /api/admin.php API Key
Create a new ticket. Scope: write + tickets
| Parameter | Type | Description |
|---|---|---|
| action | string | "create_ticket" |
| subject | string | Ticket subject (required) |
| description | string | Ticket description (required) |
| priority | string | normal | urgent | low |
| category | string | Category code (crm, telephony, whatsapp, setup, bugfix, other...) |
| portal_domain | string | Client portal domain (to assign ticket to a client) |
Response: create_ticket
{
"ok": true,
"data": {
"id": 43,
"subject": "Новая заявка из мониторинга",
"status": "new",
"created_at": "2026-03-20T09:00:00.000Z"
}
}
POST /api/admin.php API Key
Update ticket fields. Scope: write + tickets
| Parameter | Type | Description |
|---|---|---|
| action | string | "update_ticket" |
| ticket_id | int | Ticket ID |
| subject | string | New subject |
| priority | string | New priority |
| category | string | New category |
| status | string | New status |
| assigned_to | int | Assign to operator ID |
Ticket Lifecycle Actions API Key: write + tickets
| Action | Parameters | Description |
|---|---|---|
| take_ticket | ticket_id | Assign ticket to current user |
| reassign_ticket | ticket_id, assigned_to | Reassign to another operator |
| set_estimate | ticket_id, hours, description | Set time/cost estimate |
| complete_ticket | ticket_id, result | Mark as done with result text |
| hold_ticket | ticket_id | Put on hold (pause SLA timer) |
| resume_ticket | ticket_id | Resume from hold |
| reopen_ticket | ticket_id | Reopen closed/done ticket |
Messages
POST /api/admin.php API Key
Add message to ticket. Scope: write + messages
| Parameter | Type | Description |
|---|---|---|
| action | string | "add_message" |
| ticket_id | int | Ticket ID |
| message | string | Message text (required) |
| is_note | bool | Internal note — not visible to client (default: false) |
File uploads: Use
multipart/form-data with files[] field. Max file size depends on plan (5–100 MB).| Action | Scope | Parameters | Description |
|---|---|---|---|
| edit_message | write + messages | message_id, message | Edit message text |
| delete_message | write + messages | message_id | Soft-delete a message |
Response: dashboard
{
"ok": true,
"data": {
"total_open": 12,
"total_new": 3,
"total_in_progress": 7,
"total_done": 2,
"total_on_hold": 1,
"avg_response_min": 18,
"avg_resolution_hours": 4.5,
"sla_compliance_pct": 92,
"per_portal": [
{ "portal_domain": "client.bitrix24.kz", "company_name": "ТОО Рога и Копыта", "open": 5, "new": 1 },
{ "portal_domain": "other.bitrix24.kz", "company_name": "ИП Сидоров", "open": 7, "new": 2 }
]
}
}
Clients & Contacts
POST /api/admin.php API Key
Scope: read + clients
| Action | Parameters | Description |
|---|---|---|
| list_clients | — | List all client portals with settings and ticket stats |
| list_contacts | — | List all contacts (name, phone, email, photo) |
| client_settings | portal_domain, data{} | Update client settings (scope: write + clients) |
| create_client_token | portal_domain, user_id, user_name, ttl | Generate passwordless access token for a client (scope: write + clients). See Client Token. |
Response: list_clients
{
"ok": true,
"data": [
{
"portal_domain": "client.bitrix24.kz",
"company_name": "ТОО Рога и Копыта",
"tariff_plan": "standard",
"hours_per_month": 20,
"hours_used": 12.5,
"ticket_stats": { "open": 5, "done_month": 8, "total": 47 }
}
]
}
Operators
POST /api/admin.php API Key
Scope: read (list only — management requires admin panel)
| Action | Parameters | Description |
|---|---|---|
| list_operators | — | List all operators for your tenant (name, role, department) |
Dashboard & Analytics
POST /api/admin.php API Key
Scope: read
| Action | Parameters | Description |
|---|---|---|
| dashboard | — | Quick stats: open, new, done, in_progress counts + per-client breakdown |
| dashboard_analytics | days (default: 30) | Extended analytics: daily trends, SLA stats, category breakdown, average resolution time |
| report_tickets | days (default: 30) | All tickets for period with full details (for export/BI) |
| report_operators | days (default: 30) | Operator performance: assigned, done, avg response time, CSAT score |
Knowledge Base
POST /api/admin.php API Key
Scope: read
| Action | Parameters | Description |
|---|---|---|
| list_kb_articles | — | List all KB articles (title, status, views, created_at) |
Reference Data
POST /api/admin.php API Key
Scope: read
| Action | Parameters | Description |
|---|---|---|
| get_tariff_plans | — | Active tariff plans (hours, rates, SLA) |
| list_tags | — | All tags (name, color) |
| get_sla_rules | — | SLA rules per priority (response time, resolution time) |
| get_business_hours | — | Business hours schedule and timezone |
| list_quick_replies | — | Canned responses (title, content, shortcut) |
| list_macros | — | Text macros (title, content) |
| notif_count | — | Unread notification count |
| get_notifications | limit (default: 20) | List notifications |
Admin-Only Endpoints
Not available via API Key. These endpoints require admin panel login (Session Cookie, B24 OAuth, or Tenant Token). They manage platform settings and are not accessible via REST API keys.
| Category | Actions |
|---|---|
| Operators Management | add_operator, remove_operator, update_operator_role, toggle_operator_edit |
| Channels | create_channel, update_channel, delete_channel, get_channels_status |
| Branding / White-Label | get_branding, save_branding, reset_branding |
| Automation | list_triggers, save_trigger, delete_trigger |
| Tariff Management | create_tariff, update_tariff, delete_tariff, save_business_hours |
| KB Management | create_kb_article, update_kb_article, delete_kb_article |
| Tags Management | create_tag, delete_tag, add_ticket_tag, remove_ticket_tag |
| Demo Mode | check_demo_status, enable_demo, get_plan_features |
| API Key Management | list_api_keys, create_api_key, revoke_api_key, regenerate_api_key |
| Ticket Merge | merge_tickets (supervisor+) |
| Ticket Delete | delete_ticket, bulk_delete_tickets (supervisor+) |
| Platform (HEAD_ADMIN) | list_tenants, update_tenant, list_error_logs, demo_analytics |
Client API
Client-facing API for end-users. Authenticated via B24 OAuth or Client Token (X-Client-Token header).
POST /api/client.php B24 / Client Token
| Action | Parameters | Description |
|---|---|---|
| create_ticket | subject, description, priority, category | Create ticket |
| list_tickets | page, search, status | List own tickets |
| get_ticket | ticket_id | View ticket details + messages |
| add_message | ticket_id, message | Reply to ticket |
| accept_ticket | ticket_id | Accept/close ticket |
| reopen_ticket | ticket_id | Reopen ticket |
| approve_estimate | ticket_id | Approve time/cost estimate |
| client_dashboard | — | Dashboard stats |
| kb_articles | search | Browse knowledge base |
| submit_csat | ticket_id, rating (1-5) | Submit satisfaction rating |
Widget API
Public API for the embeddable support widget (no user auth, API key only).
POST /api/widget.php API Key
Pass widget API key as api_key parameter.
| Action | Parameters | Description |
|---|---|---|
| create_ticket | name, email, phone, subject, description | Create ticket from widget |
| check_status | ticket_id, email | Check ticket status |
| add_reply | ticket_id, email, message | Add reply to ticket |
| get_messages | ticket_id, email | Get ticket messages |
Widget Embed Code
<script src="https://support.tehprof.kz/widget/loader.js" data-api-key="YOUR_WIDGET_API_KEY" data-lang="ru"></script>
Channel Webhooks
Receive incoming messages from external channels.
POST /api/channel-webhook.php?type={type} Public
| Type | Webhook URL | Description |
|---|---|---|
| /api/channel-webhook.php?type=whatsapp | Evolution API webhook (messages.upsert) | |
| telegram | /api/channel-webhook.php?type=telegram | Telegram Bot API webhook |
| /api/channel-webhook.php?type=email | Incoming email (Mailgun/SendGrid format) |
WhatsApp: Configure your Evolution API instance to send webhooks to
https://support.tehprof.kz/api/channel-webhook.php?type=whatsappTelegram: Set webhook via
https://api.telegram.org/bot{TOKEN}/setWebhook?url=https://support.tehprof.kz/api/channel-webhook.php?type=telegramClient Token (Passwordless Access)
Generate a token for your client to access the support portal without login. Perfect for embedding support into your own portal.
POST /api/admin.php API Key
Create a client token for passwordless access.
| Parameter | Type | Description |
|---|---|---|
| action | string | "create_client_token" |
| portal_domain | string | Client portal domain (required) |
| user_id | int | Client user ID (0 for anonymous) |
| user_name | string | Display name (default: "Client") |
| ttl | int | Token lifetime in seconds (300–604800, default: 86400 = 24h) |
curl -X POST https://support.tehprof.kz/api/admin.php \
-H "Content-Type: application/json" \
-H "X-Api-Key: tps_your_key" \
-d '{"action":"create_client_token","portal_domain":"client.bitrix24.kz","user_id":123,"user_name":"John"}'
Response:
{
"ok": true,
"data": {
"token": "ct_eyJ0IjoxLCJwI...",
"expires_in": 86400,
"portal_url": "https://support.tehprof.kz/index.html?ctoken=ct_...",
"embed_url": "https://support.tehprof.kz/embed.html?ctoken=ct_..."
}
}
Security: Client tokens provide read/write access only to the specified client's tickets. The client sees only their own data within their portal. Admin settings are never accessible.
Embed (iframe)
Embed the support portal into your website or application using an iframe with a client token.
Quick Embed
<iframe src="https://support.tehprof.kz/embed.html?ctoken=CLIENT_TOKEN_HERE" style="width:100%;height:600px;border:none;border-radius:8px" allow="microphone;camera;display-capture" ></iframe>
Dynamic Token (Server-Side)
Your backend generates a fresh token for each user session:
// Your backend (Node.js example)
app.get('/support', async (req, res) => {
const response = await fetch('https://support.tehprof.kz/api/admin.php', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-Api-Key': 'tps_your_api_key'
},
body: JSON.stringify({
action: 'create_client_token',
portal_domain: 'client.bitrix24.kz',
user_id: req.user.id,
user_name: req.user.name,
ttl: 28800 // 8 hours
})
});
const { data } = await response.json();
res.render('support', { embedUrl: data.embed_url });
});
Important: Never expose your API key (
tps_...) in client-side JavaScript. Generate tokens server-side only. Client tokens (ct_...) are safe for the browser — they are scoped to one user and expire.Quick Start Examples
Copy-paste these examples to get started quickly. Replace tps_your_key with your actual API key.
1. List all open tickets
curl -X POST https://support.tehprof.kz/api/admin.php \
-H "Content-Type: application/json" \
-H "X-Api-Key: tps_your_key" \
-d '{"action":"list_tickets","status":"active"}'
2. Create ticket from monitoring alert
curl -X POST https://support.tehprof.kz/api/admin.php \
-H "Content-Type: application/json" \
-H "X-Api-Key: tps_your_key" \
-d '{
"action": "create_ticket",
"subject": "Server CPU > 90%",
"description": "Alert from Zabbix: host prod-01, CPU 94% for 5 min",
"priority": "urgent",
"category": "infrastructure",
"portal_domain": "client.bitrix24.kz"
}'
3. Reply to a ticket
curl -X POST https://support.tehprof.kz/api/admin.php \
-H "Content-Type: application/json" \
-H "X-Api-Key: tps_your_key" \
-d '{
"action": "add_message",
"ticket_id": 42,
"message": "Fixed. CPU dropped to 35% after restarting the service."
}'
4. Close a ticket
curl -X POST https://support.tehprof.kz/api/admin.php \
-H "Content-Type: application/json" \
-H "X-Api-Key: tps_your_key" \
-d '{
"action": "complete_ticket",
"ticket_id": 42,
"result": "Service restarted, monitoring confirmed normal operation"
}'
5. Get dashboard stats (for your TV/BI dashboard)
curl -X POST https://support.tehprof.kz/api/admin.php \
-H "Content-Type: application/json" \
-H "X-Api-Key: tps_your_key" \
-d '{"action":"dashboard"}'
6. Generate client access token (embed support into your portal)
curl -X POST https://support.tehprof.kz/api/admin.php \
-H "Content-Type: application/json" \
-H "X-Api-Key: tps_your_key" \
-d '{
"action": "create_client_token",
"portal_domain": "client.bitrix24.kz",
"user_id": 123,
"user_name": "Иван Петров",
"ttl": 28800
}'
Ticket State Machine
new → estimated → in_progress → done → closed
↕ on_hold
closed → reopened → in_progress
Categories
| Code | Description |
|---|---|
| crm | CRM |
| telephony | Telephony / SIP |
| WhatsApp / Messengers | |
| tasks | Tasks |
| automation | Automation / Business Processes |
| setup | Configuration / Setup |
| bugfix | Bug fix |
| consultation | Consultation |
| other | Other |
| general | General (from channels) |
TehProf Support API Documentation © 2026 — tehprof.kz