I’m trying to set up Mailgun to work with my osTicket installation but running into authentication issues. The problem is that osTicket needs a valid API key for incoming requests, but I can’t figure out how to include this key when configuring Mailgun routes.
Currently my Mailgun route action looks like this:
forward("https://mysite.com/helpdesk/api/tickets.email")
When Mailgun tries to forward emails, osTicket logs show “API Error (401) Valid API key required” because the request doesn’t include the required authentication.
Is there a method to include the API key in the Mailgun route configuration? Or should I look into alternative ticketing solutions that might have better Mailgun compatibility?
also watch out for proxies or cloudflare strippin headers from your osticket setup. mailgun worked perfectly for me until i added cloudflare - then it started rejecting requests even with the correct api key in the url. fixed it by whitelisting mailgun’s servers in cloudflare settings.
The authentication issue happens because osTicket needs proper API credentials with incoming requests. Besides the query parameter approach mentioned above, check that your osTicket API config allows external requests from Mailgun’s IP ranges. Most authentication failures I’ve seen are actually from IP restrictions, not missing keys. Go to Admin > Emails > Settings in your osTicket admin panel and make sure “Accept Email via API” is enabled. Also confirm your API key has the right permissions - “Can create tickets” needs to be checked. I’ve seen keys that existed but couldn’t create tickets, causing the same 401 errors. If you’re still having problems, test the API endpoint directly with curl using your API key. This’ll help you figure out if it’s an osTicket config issue or a Mailgun integration problem.
Had this exact problem six months ago - the docs don’t make it clear at all. You need to pass the API key as a query parameter in your Mailgun route URL. Change your forward action to:
forward("https://mysite.com/helpdesk/api/tickets.email?api-key=YOUR_API_KEY")
Use “api-key” not “apikey” or “key” - osTicket’s picky about this. Find your API key in osTicket admin under Manage > API Keys. If you don’t have one, create it first and make sure it has email processing permissions. Fixed my auth errors immediately once I did this.