How to retrieve ticket history in Zoho Desk

Retrieving ticket history in Zoho Desk is done via a dedicated API endpoint that returns a chronological log of all changes made to a given ticket. Here at Beam Help — independent expert support for Zoho (not official Zoho support) — we walk you through exactly how to call it and what to have in place first.

Why this matters

When a support ticket passes through multiple agents, status changes, or priority updates, you need a reliable audit trail to understand what happened and when. The ticket history endpoint gives you that full record programmatically, making it useful for reporting, compliance checks, or debugging unexpected ticket states. If you are building an integration or automation on top of Zoho Desk, this is often one of the first data points you will want to surface.

Step-by-step

Step 1. Confirm your OAuth scopes are configured correctly.

Before making any API call, your connected application must have the right permissions granted. For ticket history specifically, you need at minimum the Desk.tickets.READ scope authorised on your OAuth client. Broader access can be granted with Desk.tickets.ALL, which covers read, write, create, update, and delete operations on tickets. ^[2]

Step 2. Obtain a valid access token.

Your integration authenticates using OAuth 2.0. If your current access token has expired, you must refresh it by posting to the Zoho token endpoint with your clientid, clientsecret, and refreshtoken using granttype: refreshtoken. A successful response returns a new accesstoken along with an expiresin value (typically 3600 seconds) that you should store alongside a calculated tokenexpires_at timestamp so you know when to refresh again. ^[8]

Step 3. Identify your organisation ID (org_id).

Zoho Desk API calls require an orgId header to route requests to the correct portal. If you have not stored this yet, you can discover it by calling the organisations endpoint and reading the id field from the first item in the returned data array. Once retrieved, persist it so you do not need to look it up on every request. ^[4]

Step 4. Call the ticket history endpoint.

Send an authenticated GET request to the following path, substituting the real ticket identifier:

GET /api/v1/tickets/{ticket_id}/history

The operation name for this call is gettickethistory. You pass the ticket_id as a path parameter. An optional p parameter can be supplied as a query dictionary for pagination or filtering purposes. ^[3]

A minimal Python example looks like this:

# Assuming `client` is an initialised ZohoDeskClient
history = client.request("GET", f"/api/v1/tickets/{ticket_id}/history", p, None)

Where p is either None or a dict of additional query parameters. ^[3]

Step 5. Navigate to the ticket in the Zoho Desk UI (optional verification).

If you want to cross-check the API response against what is visible in the browser, the direct URL pattern for a ticket detail page follows this structure:

https://desk.zoho.{dc}/agent/{portal}/tickets/details/{ticket_id}

Replace {dc} with your data centre suffix (e.g., com, eu, in), {portal} with your portal name or org ID, and {ticket_id} with the numeric ticket identifier. ^[7]

Common pitfalls

• Missing or incorrect orgId: If the org_id is blank or wrong, the API will fail to route your request to the right Desk portal. Always verify it is stored and non-empty before making ticket calls. ^[4]
• Insufficient OAuth scopes: Requesting history with only write or create scopes will result in an authorisation error. Ensure Desk.tickets.READ or Desk.tickets.ALL is explicitly included in your scope string. ^[2]
• Expired access token: Tokens expire after approximately one hour. If you receive an authentication error, check your tokenexpiresat value and trigger a refresh before retrying. ^[8]
• Wrong data centre domain: Zoho operates across multiple regional data centres. If your account is on the EU or IN data centre, your API base URL and OAuth token URL must use the matching regional suffix, not the default .com domain. ^[7]

What to check

• Confirm that Desk.tickets.READ (or Desk.tickets.ALL) appears in your authorised OAuth scope list before making the call. ^[2]
• Verify that a valid, non-expired accesstoken and a non-empty deskorg_id are both present in your connection record before calling the history endpoint. ^[4]
• Cross-reference at least one history entry from the API response against the ticket's activity log in the Zoho Desk agent interface to confirm the data is returning correctly. ^[7]