Deleting a task attachment in Zoho Desk via the API requires a single DELETE request targeting the specific task and attachment identifiers — no request body is needed.
Why this matters
When automating Zoho Desk workflows or building integrations, you may need to programmatically remove outdated or incorrectly uploaded files from tasks. Cleaning up task attachments keeps records tidy and prevents agents from acting on stale information. This is especially relevant for teams running scripts or custom back-office tools against the Zoho Desk API.
> Note: Beam Help is an independent expert support resource — not official Zoho support.
---
Step-by-step
Step 1. Confirm your OAuth scopes are in place.
Before making any API call, ensure your OAuth token includes the Desk.tasks.ALL or Desk.tasks.DELETE scope. Without the correct task-level permission, the API will reject the request. You can verify or update your scope list in your OAuth client configuration. [7]
Step 2. Gather the required identifiers.
You need two values before calling the endpoint:
taskId— the unique identifier of the task that holds the attachment.attachmentId— the unique identifier of the specific file you want to remove.
Both IDs are returned when you list or retrieve tasks and their attachments through the Zoho Desk API. Store them as strings, since the endpoint treats them as path parameters. [1]
Step 3. Send the DELETE request.
Issue an HTTP DELETE to the following endpoint, substituting your real IDs:
DELETE /api/v1/tasks/{taskId}/attachments/{attachmentId}Include your OAuth bearer token in the Authorization header. No request body is required. [1]
Using the Python helper pattern, the call looks like this:
response = desk_client.delete_task_attachment(
taskId="your_task_id",
attachmentId="your_attachment_id"
)A successful response indicates the attachment has been permanently removed from the task. [1]
Step 4. Handle the response.
A 204 No Content or equivalent success status confirms deletion. If you receive an error, check that both IDs are correct and that the token scope covers task deletions. [1] [7]
---
Common pitfalls
- Wrong endpoint for the wrong resource. Zoho Desk exposes separate attachment-deletion endpoints for tickets (
/api/v1/tickets/{ticketid}/attachments/{attachmentid}), ticket threads (/api/v1/tickets/{ticketid}/threads/{threadid}/attachments/{attachment_id}), accounts (/api/v1/accounts/{accountId}/attachments/{attachmentId}), Help Center articles, and transition drafts. [4] [5] [3] [6] [8] Using a ticket attachment endpoint when you mean to delete a *task* attachment will either fail or silently target the wrong record — always use/api/v1/tasks/{taskId}/attachments/{attachmentId}for task attachments. [1]
- Insufficient OAuth scope. The
Desk.tasks.DELETEorDesk.tasks.ALLscope must be present in your token. If you only granted read or write scopes, the deletion call will be rejected. [7]
- Mixing up
taskIdandattachmentId. These are distinct identifiers. Passing an attachment ID where a task ID is expected (or vice versa) will result in a not-found error. Double-check both values before calling the endpoint. [1]
- Product attachment endpoint confusion. There is a separate endpoint for deleting attachments on *products* (
/api/v1/products/{productId}/attachments/{attachmentId}), which is unrelated to tasks. [2] Do not confuse the two.
---
What to check
- Correct endpoint path: Verify your request targets
/api/v1/tasks/{taskId}/attachments/{attachmentId}and not a ticket, account, or product variant. [1] - Valid OAuth token scope: Confirm
Desk.tasks.ALLorDesk.tasks.DELETEis included in the scopes granted to your OAuth client. [7] - Accurate IDs: Cross-reference both
taskIdandattachmentIdagainst a fresh API list call to ensure neither has changed or been miscopied. [1]