POST/api/v1/tickets/{id}/assets

Product availabilityAlgaPSA

Link an asset to a ticket

Creates an asset_associations row (entity_type=ticket) linking the asset in the request body to the path ticket. Same table GET /api/v1/tickets/{id}/assets and the asset detail UI read, so the link is visible from both sides. relationship_type defaults to affected. The route is authenticated and tenant-scoped via ApiBaseController.authenticate + runWithTenant; it enforces ticket:update plus a per-ticket authorization-kernel check (assertTicketReadAllowed) AND asset:read (the asset is referenced). The response uses the apiMiddleware envelope ({ data } with no top-level success field). Both the ticket and asset must exist (404 otherwise); a duplicate link returns 409.

RBAC · ticket

Path parameters

idstring <uuid>Required

Asset UUID from assets.asset_id.

Request body

Content type: application/json · schema TicketAssetLinkRequest

asset_idstring <uuid>Required

Asset UUID to link to the ticket.

relationship_typestring

Optional association type; defaults to affected.

min length 1

notesstring

Optional notes stored on asset_associations.notes.

Response body

Success response 201 · schema TicketAssetLinkResponse

dataobjectRequired

tenantstring <uuid>Required

Tenant UUID from asset_associations.tenant.

asset_idstring <uuid>Required

Asset UUID from asset_associations.asset_id.

entity_idstring <uuid>Required

Linked entity UUID — the ticket_id, from asset_associations.entity_id.

entity_typestringRequired

Always 'ticket' for these endpoints.

Enum: ticket

relationship_typestringRequired

Association type from asset_associations.relationship_type (defaults to affected).

notesstringNullable

Optional notes from asset_associations.notes.

created_bystring <uuid>Required

Creator user UUID from asset_associations.created_by.

created_atstringRequired

Link creation timestamp from asset_associations.created_at.

metaobject

Response codes

201

Asset linked. Returns the inserted asset_associations row.

400

Request body validation failed.

401

x-api-key missing/invalid.

403

Caller lacks ticket:update (or per-ticket authorization) or asset:read.

404

Ticket or asset not found in the tenant.

409

Asset is already linked to this ticket.

500

Unexpected error.

POST /api/v1/tickets/{id}/assets

cURL

curl -X POST "https://algapsa.com/api/v1/tickets/{id}/assets" \
  -H "X-API-Key: $ALGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
  "asset_id": "01HN2K7VRB9PQ3Y0000000000",
  "relationship_type": "x",
  "notes": "string"
}'

TypeScript

const response = await fetch("https://algapsa.com/api/v1/tickets/{id}/assets", {
  method: "POST",
  headers: {
    "X-API-Key": "$ALGA_API_KEY",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    "asset_id": "01HN2K7VRB9PQ3Y0000000000",
    "relationship_type": "x",
    "notes": "string"
  })
});
const data = await response.json();

using var client = new HttpClient();
using var request = new HttpRequestMessage(HttpMethod.Post, "https://algapsa.com/api/v1/tickets/{id}/assets");
request.Headers.TryAddWithoutValidation("X-API-Key", "$ALGA_API_KEY");
request.Headers.TryAddWithoutValidation("Content-Type", "application/json");
request.Content = new StringContent(@"{
  ""asset_id"": ""01HN2K7VRB9PQ3Y0000000000"",
  ""relationship_type"": ""x"",
  ""notes"": ""string""
}", Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
var body = await response.Content.ReadAsStringAsync();

201 OK·application/json

{
  "data": {
    "tenant": "01HN2K7VRB9PQ3Y0000000000",
    "asset_id": "01HN2K7VRB9PQ3Y0000000000",
    "entity_id": "01HN2K7VRB9PQ3Y0000000000",
    "entity_type": "ticket",
    "relationship_type": "string",
    "notes": "string",
    "created_by": "01HN2K7VRB9PQ3Y0000000000",
    "created_at": "string"
  },
  "meta": {}
}