Here are the key concepts required to make requests to the incident.io API.

For all requests made to the incident.io API, you'll need an API key.

To create an API key, head to the incident dashboard and visit API keys. When you create the key, you'll be able to choose what actions it can take for your account: choose carefully, as those roles can only be set when you first create the key. We'll only show you the token once, so make sure you store it somewhere safe.

Once you have the key, you should make requests to the API that set the Authorization request header using a "Bearer" authentication scheme:

Authorization: Bearer <YOUR_API_KEY>

We use standard HTTP response codes to indicate the status or failure of API requests.

The API response body will be JSON, and contain more detailed information on the nature of the error.

An example error when a request is made without an API key:

{
  "type": "authentication_error",
  "status": 401,
  "request_id": "8e3cc412-b49d-4957-9073-2c19d2c61804",
  "errors": [
    {
      "code": "missing_authorization_material",
      "message": "No authorization material provided in request"
    }
  ]
}

Note that the error:

• Contains the HTTP status (401)
• References the type of error (authentication_error)
• Includes a request_id that can be provided to incident.io support to help debug questions with your API request
• Provides a list of individual errors, which go into detail about why the error occurred

The most common error will be a 422 Validation Error, which is returned when the request was rejected due to failing validations.

These errors look like this:

{
  "type": "validation_error",
  "status": 422,
  "request_id": "631766c4-4afd-4803-997c-cd700928fa4b",
  "errors": [
    {
      "code": "is_required",
      "message": "A severity is required to open an incident",
      "source": {
        "field": "severity_id"
      }
    }
  ]
}

This error is caused by not providing a severity identifier, which should be at the severity_id field of the request payload. Errors like these can be mapped to forms, should you be integrating with the API from a user-interface.

We won't make breaking changes to existing API services or endpoints, but will expect integrators to upgrade themselves to the latest API endpoints within 3 months of us deprecating the old service.

We will make changes that are considered backwards compatible, which include:

• Adding new API endpoints and services
• Adding new properties to responses from existing API endpoints
• Reordering properties returned from existing API endpoints
• Adding optional request parameters to existing API endpoints
• Altering the format or length of IDs
• Adding new values to enums

It is important that clients are robust to these changes, to ensure reliable integrations.

As an example, if you are generating a client using an openapi-generator, ensure the generated client is configured to support unknown enum values, often configured via the enumUnknownDefaultCase parameter.

When breaking changes are unavoidable, we'll create a new service version on a separate path, and run them in parallel.

For example:

• https://api.incident.io/v1/incidents
• https://api.incident.io/v2/incidents

For any questions, email support@incident.io.

Manage incident actions.

Incidents have two types of actions associated to them:

• Actions, used during an incident response as ephemeral todo lists
• Follow-ups, actions which are for after the incident and can be exported to external issue trackers

You can manage actions in the incident Slack channel with /incident actions, or on the incident homepage.

Exporting follow-ups to external issue trackers can be done in the incident homepage.

Manage custom field options.

Single- and multi-select custom fields have a list of all available options, which have a value, and a sort key. The value must be unique to the custom field. For example, you might have an Incident Type custom field, with options "Data breach", "Performance degradation", "API downtime", etc.

Manage custom fields.

Custom fields are used to attach metadata to incidents, which you can use when searching for incidents in the dashboard, triggering workflows, building announcement rules or for your own data needs.

Each field has a type:

• Single-select, single value selected from a predefined list of options (ie. Incident Type)
• Multi-select, as above but you can pick more than one option (ie. Teams)
• Text, freeform text field (ie. Customer ID)
• Link, link URL that is synced to Slack bookmarks on the incident channel (ie. External Status Page)
• Number, integer or fractional numbers (ie. Customers Affected)

We may add more custom field types in the future - we'd love to hear any other types you'd like to use!

Create, list and delete incident attachments.

Incident Attachments allows you to connect resources from external systems into incidents. Examples include: PagerDuty incidents and GitHub pull requests.

Manage incident roles.

During an incident, you can assign responders to one of the incident roles that are configured in your organisation settings.

Every organisation will have a special 'lead' role, which signifies the incident lead or commander. This role cannot be deleted, but can be renamed in the incident.io dashboard.

Manage incident statuses.

Each incident has a status, picked from one of the statuses configured in your organisations settings.

Statuses help communicate where an incident is in its lifecycle. You can use statuses when filtering incidents in the dashboard, and in workflows and announcement rules.

View incident timestamps.

Each incident has a number of timestamps; some being defaults that we set on each incident for you, and other being configured for your organisation within settings.

Timestamps help to communicate when a given action was taken for a specific incident, for example when it was reported, closed or fixed.

View incident types.

With incident types enabled, you can tailor your process to the situation you're responding to with different custom fields and roles for each incident type.

Create and read incidents.

Incidents are a core resource, on which many other resources (actions, etc) are created.

Care should be taken around these endpoints, as automation that creates duplicate incidents can be distracting, and impact reporting.