FR - Auto-Create Client + Ticket via API for Web Leads

digibandit

We need a single API endpoint that creates clients AND tickets in one call. Currently we're duct-taping multiple API calls together just to get website leads into ITFlow. A unified endpoint would let us connect CF7 forms, kiosks, and chatbots directly without custom glue code.

Summary

Requesting a new API endpoint that enables:

Smart client creation - Create new client if email doesn't exist, use existing if it does
Immediate ticket creation - Automatically create and link ticket to the client
Single API call - No more complex multi-step integrations

Use Cases

Perfect for streamlining intake from:

Website forms (Contact Form 7, Gravity Forms, Elementor)
Walk-in kiosks and storefront tablets
Chatbots and marketing funnels
Landing pages and lead magnets

Current Problem: Requires 2+ separate API calls:

POST /clients/ - Create or find client
POST /tickets/ - Create ticket with client ID
Custom logic to handle duplicate clients, error handling, etc.

This makes integration with low-code tools unnecessarily complex.

Proposed Solution

Endpoint: POST /api/v1/leads/

Example Request:

$$
{
"client_name": "Jane Doe",
"client_email": "jane@example.com",
"client_phone": "506-555-1234",
"ticket_subject": "Request for Service",
"ticket_details": "My laptop is stuck on a black screen.",
"source": "Web Contact Form",
"agreement": true
}
$$

Expected Behavior:

Check if client exists (by email)
Create client if new (using provided data)
Create ticket linked to client
Return standard ticket response (ID, status, etc.)

Authentication: Standard Bearer token (same as existing API routes)

Nice-to-Have Features

Auto-tagging tickets from this endpoint (e.g., lead, web-intake)
File attachment support (base64 or URLs)
Auto-assignment to default user/department/queue
Duplicate handling options (merge vs. create new)

wrongecho

Hey digibandit

Thanks for the feature suggestion 🙂. This overall concept is something I have considered before.

Our own Sponsor Support signup page requires 2+ database calls to make everything work and I remember thinking at the time it'd be nice if we had an "all in one" endpoint for onboarding. Most APIs are written like ours where you have to create things one by one - client, then contact, then ticket - but I agree it's annoying when there's a pretty common workflow there.

I'll look into this further and let you know if/when it makes it onto TaskFlow.

Bigbug

do you mind sharing your API script? (without sensitive info of course)
I wanna see how you've done it maybe you aren't using it correctly

digibandit

Bigbug API Script?

Bigbug

digibandit yes. not the entire script, but more or less the part where you interact with your ITFlow API endpoints

digibandit

Bigbug Like, in wordpress? What API script was my question, apologies for the ambiguity.

Bigbug

digibandit how do you interact with the ITFlow API?

digibandit

Bigbug Once it works, ActivePieces, until then primarily php from wordpress (a lead form) or running locally (a touchscreen (and big tv screen) friendly dashboard that we can print ticket receipts from for physical tracking purposes, etc for my repair techs to interact with tickets fast, will post about it once it is wrapped in tarui.)

Happy to share what i have if you are specific enough for me to clue in!

Bigbug

digibandit if you don't mind just explain the structure of the API calls?

digibandit

Bigbug

Kurzgesagt:

Lead (name, email, phone, subject, message, checkbox agreement, turnstile, etc) via contact form.
would be swell just to have lead emailed into our mailbox, but as the contact form uses a domain we own (our primary domain atm) it gets added as a ticket on our internal profile in ITFlow.

The current workaround is to send that lead data to a webhook, that actions a php file that attempts a quick search to see if the email pre-exits in the system, if so it creates a ticket for that customer, if not it creates a customer and a ticket.

None of this is working, hence the plead for an easy solution.

A webhook or leads API would be mint…

Bigbug

digibandit a php file that attempts a quick search to see if the email pre-exits in the system, if so it creates a ticket for that customer, if not it creates a customer and a ticket.

is that the troublesome part? if so, elaborate pls on how the API calls to ITFlow are structured

digibandit

Bigbug

Ok, so, quick aside to preface: I use a plugin, Admin Site Enhancements as a default on all my wordpress websites, it handles a lot, including forms, this is why I am using ASE for this purpose. It has snippets for css, php, html, js, and has contacts forms that support webhooks and SMTP support that I use with SMTP2GO for sending contact form emails etc.

Nitty gritty in wp-config.php and lock it down with cloudflare and wordfence.
ASE webform submission fires a webhook, this webhook is a secure url from a php snippit ran by ASE.
Validates the form is the correct one (form ID 5) and has required data.
Extracts customer info - name, email, phone, and issue description.
Search ITFlow for existing client by email address
Creates new client in ITFlow if one doesn't exist
Creates a support ticket in ITFlow with the form submission details
Sends notification to chat platform (rocket.chat) about the new ticket
Logs everything for debugging and monitoring
Returns JSON response confirming success or failure

This clown is intended to do our bidding but has yet to prove it's worth (still a work in progress)

<?php

/**

 * ASE Pro Webhook Endpoint for ITFlow Integration

*

 * Accessed via: https://dbits.ca/?codex_token=potato

*

 * Add this URL to your ASE Pro form webhook settings:

 * https://dbits.ca/?codex_token=potato

 */

// Start output buffering to capture any errors

ob_start();

// Enable error logging

error_reporting(E_ALL);

ini_set('log_errors', 1);

ini_set('error_log', __DIR__ . '/webhook-errors.log');

// Log incoming webhook

error_log('ASE Webhook: Incoming request at ' . date('Y-m-d H:i:s'));

error_log('ASE Webhook: Request method: ' . $_SERVER['REQUEST_METHOD']);

error_log('ASE Webhook: POST data: ' . print_r($_POST, true));

error_log('ASE Webhook: Raw input: ' . file_get_contents('php://input'));

// Only process POST requests

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {

    http_response_code(405);

    echo json_encode(['error' => 'Method not allowed']);

    exit;

}

// Get form data - ASE Pro might send as JSON or form data

$form_data = $_POST;

if (empty($form_data)) {

    $json_input = file_get_contents('php://input');

    $form_data = json_decode($json_input, true);

}

if (empty($form_data)) {

    error_log('ASE Webhook: No form data received');

    http_response_code(400);

    echo json_encode(['error' => 'No form data received']);

    exit;

}

// Check if this is our kiosk form (form_id = 5)

$form_id = $form_data['form_id'] ?? null;

if ($form_id != 5) {

    error_log('ASE Webhook: Wrong form ID: ' . $form_id);

    http_response_code(200);

    echo json_encode(['message' => 'Form processed but not kiosk form']);

    exit;

}

error_log('ASE Webhook: Processing kiosk form submission');

// Extract form data - try multiple field name patterns

$name_data = $form_data['item_meta'][46] ?? $form_data['item_meta']['46'] ?? $form_data['name'] ?? '';

$client_email = $form_data['item_meta'][47] ?? $form_data['item_meta']['47'] ?? $form_data['email'] ?? '';

$client_phone = $form_data['item_meta'][48] ?? $form_data['item_meta']['48'] ?? $form_data['phone'] ?? '';

$issue_subject = $form_data['item_meta'][49] ?? $form_data['item_meta']['49'] ?? $form_data['subject'] ?? 'New Support Request';

// Handle name field (first/last name structure)

$client_name = '';

if (is_array($name_data)) {

    if (!empty($name_data['first']) && !empty($name_data['last'])) {

        $client_name = trim($name_data['first'] . ' ' . $name_data['last']);

    } elseif (!empty($name_data['full'])) {

        $client_name = trim($name_data['full']);

    } elseif (!empty($name_data['first'])) {

        $client_name = trim($name_data['first']);

    }

} else {

    $client_name = trim($name_data);

}

error_log('ASE Webhook: Extracted - Name: "' . $client_name . '", Email: "' . $client_email . '", Phone: "' . $client_phone . '", Issue: "' . $issue_subject . '"');

// Validate required fields

if (empty($client_name) || empty($client_email)) {

    error_log('ASE Webhook: Missing required fields');

    http_response_code(400);

    echo json_encode(['error' => 'Missing required fields: name and email']);

    exit;

}

// ITFlow API Configuration - FIXED URLS

$itflow_url = 'http://ops.dbits.ca';  // Changed from https to http

$api_key = 'potato';

// Step 1: Get or create client

$client_id = get_or_create_itflow_client($itflow_url, $api_key, $client_name, $client_email, $client_phone);

if (!$client_id) {

    error_log('ASE Webhook: Failed to get or create client');

    http_response_code(500);

    echo json_encode(['error' => 'Failed to create client in ITFlow']);

    exit;

}

error_log('ASE Webhook: Using client ID: ' . $client_id);

// Step 2: Create ticket

$ticket_data = array(

    'client_id' => $client_id,

    'subject' => $issue_subject,

   'details' => 'Ticket created from kiosk form submission.' . "\n\n" .

                'Name: ' . $client_name . "\n" .

                'Email: ' . $client_email . "\n" .

                'Phone: ' . $client_phone . "\n" .

                'Issue: ' . $issue_subject,

    'priority' => 'Medium',

    'status' => 'Open'

);

$response = make_itflow_request($itflow_url . '/api/v1/tickets/', $api_key, 'POST', $ticket_data);

if ($response['success']) {

    $ticket_response = json_decode($response['body'], true);

    $ticket_id = $ticket_response['data']['ticket_number'] ?? 'Unknown';

    error_log('ASE Webhook: Successfully created ticket #' . $ticket_id . ' for client ID: ' . $client_id);

  

    // Send RocketChat notification

    send_rocketchat_notification($client_name, $client_email, $issue_subject, $ticket_id);

  

    // Return success response

    http_response_code(200);

    echo json_encode([

        'success' => true,

        'message' => 'Ticket created successfully',

        'ticket_id' => $ticket_id,

        'client_id' => $client_id

    ]);

} else {

    error_log('ASE Webhook: Ticket creation failed - ' . $response['error']);

    http_response_code(500);

    echo json_encode(['error' => 'Failed to create ticket: ' . $response['error']]);

}

// Helper Functions

function get_or_create_itflow_client($itflow_url, $api_key, $name, $email, $phone) {

    // First, try to find existing client by email

    $search_response = make_itflow_request($itflow_url . '/api/v1/clients/?email=' . urlencode($email), $api_key, 'GET');

  

    if ($search_response['success']) {

        $search_data = json_decode($search_response['body'], true);

  

        if (!empty($search_data['data']) && is_array($search_data['data'])) {

            $client_id = $search_data['data'][0]['client_id'];

            error_log('ASE Webhook: Found existing client ID: ' . $client_id);

            return $client_id;

        }

    }

    // Client doesn't exist, create new one

    $client_data = array(

        'name' => $name,

        'email' => $email,

        'phone' => $phone,

        'type' => 'Contact'

    );

    $create_response = make_itflow_request($itflow_url . '/api/v1/clients/', $api_key, 'POST', $client_data);

    if ($create_response['success']) {

        $client_response = json_decode($create_response['body'], true);

        $client_id = $client_response['data']['client_id'];

        error_log('ASE Webhook: Created new client ID: ' . $client_id);

        return $client_id;

    } else {

        error_log('ASE Webhook: Client creation failed - ' . $create_response['error']);

        return false;

    }

}

function make_itflow_request($url, $api_key, $method = 'GET', $data = null) {

    $curl = curl_init();

  

    $headers = array(

        'Authorization: Bearer ' . $api_key,

        'Content-Type: application/json'

    );

  

    curl_setopt_array($curl, array(

        CURLOPT_URL => $url,

        CURLOPT_RETURNTRANSFER => true,

        CURLOPT_TIMEOUT => 30,

        CURLOPT_CUSTOMREQUEST => $method,

        CURLOPT_HTTPHEADER => $headers,

        CURLOPT_SSL_VERIFYPEER => false,  // Disabled SSL verification for HTTP

        CURLOPT_FOLLOWLOCATION => true,   // Follow redirects automatically

        CURLOPT_MAXREDIRS => 5           // Limit redirects

    ));

  

    if ($data && ($method === 'POST' || $method === 'PUT')) {

        curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($data));

    }

  

    $response_body = curl_exec($curl);

    $response_code = curl_getinfo($curl, CURLINFO_HTTP_CODE);

    $error = curl_error($curl);

  

    // Log the actual request for debugging

    error_log('ITFlow Request: ' . $method . ' ' . $url);

    error_log('ITFlow Response Code: ' . $response_code);

    error_log('ITFlow Response Body: ' . substr($response_body, 0, 500));

  

    curl_close($curl);

  

    if ($error) {

        return array('success' => false, 'error' => 'cURL Error: ' . $error);

    }

  

    if ($response_code >= 200 && $response_code < 300) {

        return array('success' => true, 'body' => $response_body, 'code' => $response_code);

    } else {

        return array('success' => false, 'error' => 'HTTP ' . $response_code . ': ' . $response_body, 'code' => $response_code);

    }

}

function send_rocketchat_notification($client_name, $client_email, $issue_subject, $ticket_id) {

    $webhook_url = 'https://rocket.chat/hooks/potato/potato';

  

    $message = "**New Support Ticket Created**\n" .

               "**Ticket #:** " . $ticket_id . "\n" .

               "**Client:** " . $client_name . "\n" .

               "**Email:** " . $client_email . "\n" .

               "**Issue:** " . $issue_subject . "\n" .

               "**Source:** Kiosk Form";

    $payload = json_encode(array('text' => $message));

    $curl = curl_init();

    curl_setopt_array($curl, array(

        CURLOPT_URL => $webhook_url,

        CURLOPT_RETURNTRANSFER => true,

        CURLOPT_TIMEOUT => 15,

        CURLOPT_POST => true,

        CURLOPT_POSTFIELDS => $payload,

        CURLOPT_HTTPHEADER => array('Content-Type: application/json')

    ));

    $response = curl_exec($curl);

    $error = curl_error($curl);

    curl_close($curl);

    if ($error) {

        error_log('ASE Webhook: RocketChat notification failed - ' . $error);

    } else {

        error_log('ASE Webhook: RocketChat notification sent successfully');

    }

}

// Clean up output buffer

$output = ob_get_clean();

if (!empty($output)) {

    error_log('ASE Webhook: Unexpected output: ' . $output);

}

?>