Effective IT support management in academic institutions and small-to-medium enterprises is often hindered by unstructured channels — email chains, phone calls, and walk-in requests — which lack traceability, accountability, and automated service-level enforcement. This paper presents HiTicket, a production-deployed full-stack AI-assisted IT helpdesk and ticketing platform that addresses these limitations through a decoupled three-tier web architecture. The presentation tier is a React 19 Single-Page Application on Vercel CDN with Progressive Web App support; the application tier is a stateless Node.js 20 REST API on Render; and the data tier employs MongoDB Atlas with Cloudinary CDN and Gmail REST API. Four key technical contributions are presented: (1) a deterministic chatbot wizard enabling structured ticket creation in under 60 seconds with real-time knowledge base deflection; (2) adaptive two-factor authentication supporting both Email OTP and TOTP with JWT token versioning for cryptographic session invalidation; (3) an automated SLA management engine comprising four background jobs handling hourly priority escalation, daily stale-ticket closure, due-date reminders, and weekly digest notifications; and (4) a security posture fully aligned with the OWASP Top 10. Comparative evaluation against commercial and open-source ITSM tools demonstrates feature parity at zero licensing cost. The platform is publicly accessible at hiticket.vercel.app.
Introduction
Many academic institutions and small-to-medium enterprises struggle with managing IT support requests through traditional methods such as emails, phone calls, and walk-in support. These approaches often lack accountability, traceability, and service-level agreement (SLA) enforcement, leading to inefficient issue resolution and poor user experiences. While commercial IT Service Management (ITSM) solutions offer advanced features, they are often too expensive for smaller organizations. Existing open-source alternatives provide basic ticketing but lack modern functionality and security features.
To address these limitations, the paper introduces HiTicket, a full-stack, cloud-deployed IT helpdesk platform that provides an affordable, secure, and automated IT support management solution.
Key Contributions
HiTicket offers:
A complete ticket lifecycle management system.
Chatbot-guided ticket creation.
Knowledge-base article suggestions to reduce unnecessary tickets.
Automatic ticket assignment using round-robin distribution.
Dual-method two-factor authentication (2FA).
Automated SLA monitoring and ticket management.
Strong security measures aligned with OWASP standards.
Zero infrastructure cost deployment using cloud platforms.
Related Work
Existing ITSM solutions include:
Jira Service Management – Feature-rich but expensive due to per-agent licensing.
ServiceNow – Enterprise-grade ITSM platform with high implementation costs.
Zendesk – Strong customer support tools but limited customization for internal IT teams.
osTicket – Open-source but lacks modern architecture, chatbot support, advanced security, and automation.
Research has shown that:
Chatbot-guided ticket submission can significantly reduce resolution times.
Knowledge-base recommendations can lower ticket volumes.
Automated SLA enforcement improves service quality.
HiTicket combines these best practices into a single integrated system.
System Architecture
HiTicket follows a three-tier architecture:
1. Presentation Tier
Built using React 19, Vite, and Tailwind CSS.
Provides a responsive Single-Page Application (SPA).
Includes role-based access control for users, staff, and administrators.
Supports Progressive Web App (PWA) features for offline access and mobile installation.
Deployed through Vercel's global CDN.
2. Application Tier
Developed with Node.js and Express.
Uses a secure middleware chain that includes:
Security headers
Rate limiting
CORS validation
JSON parsing
NoSQL injection protection
Centralized error handling
Provides APIs for:
Authentication
Ticket management
Knowledge base
Notifications
Feedback
Announcements
System configuration
3. Data Tier
Uses MongoDB Atlas as the primary database.
Stores file attachments through Cloudinary.
Utilizes Gmail API with OAuth2 for email delivery.
Avoids file-system dependency by storing uploads in cloud storage.
System Design
Data Model
The platform revolves around five main collections:
User
Ticket
Knowledge Base Articles
Notifications
Canned Responses and Announcements
Ticket-related information such as comments, notes, history, and attachments is embedded within ticket records to improve query performance and reduce database joins.
Email OTP and TOTP-based two-factor authentication.
JWT-based authentication with token versioning.
Cryptographic session invalidation without maintaining token blacklists.
Password hashing using bcrypt.
NoSQL injection protection.
Rate limiting against abuse.
Secure HTTP headers via Helmet.
Role-based access control.
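The NoSQL injection protection step named in the middleware chain and in the list above can be sketched as follows. This is an added example, not HiTicket's own code: `stripOperators`, `noSqlGuard`, `loginFilter` and the `sanitizedKeys` field are hypothetical names, and the request bodies are constructed.

```javascript
// Keys that MongoDB would interpret as operators or paths, plus "__proto__".
const isPlainObject = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);
const isUnsafeKey = (k) => k.startsWith('$') || k.includes('.') || k === '__proto__';

// Recursively copy untrusted JSON, dropping unsafe keys and recording where they were.
function stripOperators(value, removed = [], path = '') {
  if (Array.isArray(value)) {
    return value.map((v, i) => stripOperators(v, removed, `${path}[${i}]`));
  }
  if (!isPlainObject(value)) return value;
  const clean = {};
  for (const [key, v] of Object.entries(value)) {
    const where = path ? `${path}.${key}` : key;
    if (isUnsafeKey(key)) {
      removed.push(where); // keep the location for logging and alerting
      continue;
    }
    clean[key] = stripOperators(v, removed, where);
  }
  return clean;
}

// Express-style middleware: runs after JSON parsing and before any route handler.
function noSqlGuard(req, res, next) {
  const removed = [];
  req.body = stripOperators(req.body, removed);
  req.sanitizedKeys = removed; // hypothetical field a logger could report
  next();
}

// Stripping leaves empty objects behind, so the route still has to insist
// on string credentials before building its query filter.
function loginFilter(body) {
  if (typeof body.email !== 'string' || typeof body.password !== 'string') return null;
  return { email: body.email.toLowerCase() };
}
```

A non-empty `sanitizedKeys` on a login or search request is a useful detection signal, since legitimate clients of a JSON API have no reason to send operator-shaped keys.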
The system prevents partially authenticated users from accessing protected resources until 2FA verification is completed.
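Token versioning and the 2FA gate described above can be combined in a single verification step. The sketch below is an added example, not HiTicket's own code: the claim names `tv` and `pending2fa`, the `tokenVersion` field, the in-memory `users` map and the demo secret are assumptions, and the HS256 token is built with Node's `crypto` module so that it runs without dependencies.

```javascript
const crypto = require('node:crypto');

// Assumption: demo secret; a deployment loads this from its secret store.
const SECRET = 'constructed-demo-secret';
const b64u = (s) => Buffer.from(s).toString('base64url');
const mac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

// Issue an HS256 token carrying the user's current token version ("tv").
function signToken(claims, ttlSec = 900) {
  const head = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(Date.now() / 1000) + ttlSec;
  const body = b64u(JSON.stringify({ ...claims, exp }));
  return `${head}.${body}.${mac(`${head}.${body}`).toString('base64url')}`;
}

// users: constructed in-memory stand-in for the User collection.
function authorize(token, users, { allowPending2fa = false } = {}) {
  const [head, body, sig, extra] = String(token).split('.');
  if (!head || !body || !sig || extra !== undefined) return { ok: false, reason: 'malformed' };
  // The MAC is always HMAC-SHA256; the header's "alg" never selects an algorithm.
  const expected = mac(`${head}.${body}`);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad-signature' };
  }
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  if (claims.exp <= Date.now() / 1000) return { ok: false, reason: 'expired' };
  // Version check: bumping user.tokenVersion rejects every token issued before the bump.
  const user = users.get(claims.sub);
  if (!user || user.tokenVersion !== claims.tv) return { ok: false, reason: 'revoked' };
  // A token issued after the password step but before OTP/TOTP only opens the 2FA route.
  if (claims.pending2fa && !allowPending2fa) return { ok: false, reason: '2fa-required' };
  return { ok: true, userId: claims.sub };
}

// Password change or "log out everywhere": one counter increment, no blacklist to store.
function revokeAllSessions(users, userId) {
  users.get(userId).tokenVersion += 1;
}
```

The version comparison costs one user lookup per request, which is the trade made for immediate revocation without a blacklist.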
Innovative Features
Chatbot Ticket Wizard
Guides users through ticket creation.
Suggests relevant knowledge-base articles before ticket submission.
Automatically classifies ticket priority based on keywords.
Automated SLA Management
Uses multiple scheduled background jobs to:
Monitor SLA deadlines.
Escalate unresolved tickets.
Close stale requests automatically.
Maintain service quality with minimal manual intervention.
Round-Robin Ticket Assignment
Distributes tickets fairly among support agents.
Reduces workload imbalance and improves response times.
Conclusion
This paper presented HiTicket, a production-deployed AI-assisted IT helpdesk platform combining chatbot-guided ticket creation, dual-method two-factor authentication, automated SLA management, and a comprehensive OWASP-aligned security posture. The system demonstrates that modern ITSM functionality is achievable within a free-tier cloud infrastructure without per-agent licensing costs, making it practically viable for the large segment of academic institutions and small enterprises currently relying on unstructured support channels. The chatbot wizard reduces ticket creation to under 60 seconds for non-technical users, while real-time knowledge base deflection reduces unnecessary submissions. The dual-method 2FA system with JWT token versioning provides cryptographic session management that exceeds the capabilities of most open-source alternatives. The four-job SLA engine automates ticket lifecycle management, substantially reducing manual agent overhead on routine administrative tasks such as priority escalation and stale-ticket closure. Directions for future work include: (1) real-time push notifications via Server-Sent Events or WebSockets to eliminate polling; (2) OAuth2 SSO integration with Google and Microsoft identity providers; (3) replacement of the keyword regex priority classifier with a fine-tuned text classification model; (4) multi-tenant department support for enterprise deployments; and (5) a mobile application using React Native with shared business logic.