FireHydrant is a full-cycle incident management platform unifying alerting, on-call scheduling, incident response, and post-incident reviews. Built for DevOps and SRE teams, it automates response through runbooks, streamlines stakeholder communications, and provides analytics like MTTD and MTTR. Its service catalog tracks infrastructure components, ownership, and dependencies to engage the right responders quickly.
Power end-to-end data operations for your FireHydrant API with Nexla. Our bi-directional FireHydrant connector is purpose-built for FireHydrant, making it simple to ingest data, sync it across systems, and deliver it anywhere — all with no coding required. Nexla turns API-sourced data into ready-to-use, reusable data products and makes it easy to send data to FireHydrant or any other destination. With comprehensive monitoring, lineage tracking, and access controls, Nexla keeps your FireHydrant workflows fast, secure, and fully governed.
Features
Type: API
SourceDestination
Seamless API Integration: Connect to any endpoint as source or destination without coding, with automatic data product creation
Visual Composition & Chaining: Build complex integrations using visual templates, chain API calls, and compose workflows with data validation and filtering
API Proxy: Expose curated slices of your data securely with a secure and customizable API proxy that validates and transforms data on the fly
Request optimization with intelligent batching, retry, and caching to minimize API calls and costs
To connect Nexla to FireHydrant, you need a FireHydrant API key. FireHydrant uses Bearer token authentication for all API requests, and API keys are scoped to your organization. Only users with Owner permissions in FireHydrant can create API keys.
Enter a descriptive Name for the key (for example, Nexla Integration) and, optionally, a Description to help identify its purpose.
Click Save to generate the key.
On the confirmation page, copy the API key displayed and store it in a secure location.
Important
The API key is shown only once immediately after creation. If you navigate away without copying it, you will need to create a new key. Store the key in a secrets manager or other secure credential store.
After selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Enter your FireHydrant API key in the API Key Value field. This is the token you copied when creating the key in Settings > API Keys within FireHydrant. FireHydrant authenticates all API requests using a Bearer token transmitted in the Authorization request header; Nexla sends this header automatically once the API key is saved in the credential.
The API key value is stored securely and is not displayed after the credential is saved. Nexla validates the key against the FireHydrant API (using the /v1/environments endpoint) before saving the credential.
Click the Save button at the bottom of the overlay. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.
To create a new data flow, navigate to the Integrate section, and click the New Data Flow button. Select the FireHydrant connector tile, then select the credential that will be used to connect to the FireHydrant instance, and click Next; or, create a new FireHydrant credential for use in this flow.
Nexla provides pre-built templates that can be used to rapidly configure data sources to ingest data from common FireHydrant endpoints. Select the endpoint from which this source will fetch data from the Endpoint pulldown menu. Available endpoint templates are listed in the expandable boxes below.
List Incidents
Retrieves a list of incidents from your FireHydrant account, with optional filtering by search term, status, severity, tags, milestones, environments, and services. Use this endpoint to pull incident records into Nexla for analysis, reporting, or integration with downstream data platforms.
This endpoint supports several optional filter parameters. Configure any of the following fields to narrow the results returned:
Query (optional): Enter a search term to filter incidents by keyword. Leave blank to retrieve all incidents.
Status (optional): Enter an incident status value to filter results. Common FireHydrant status values include open, closed, and investigating. Leave blank to retrieve incidents in all statuses.
Severity (optional): Enter a severity level to filter incidents. FireHydrant severity values are typically defined by your organization (for example, SEV1, SEV2, SEV3). Leave blank to retrieve incidents at all severity levels.
Tag (optional): Enter a tag name to filter incidents by associated tag. Leave blank to retrieve incidents regardless of tag.
Current Milestones (optional): Enter a milestone value to filter incidents by their current milestone status (for example, started, detected, mitigated, resolved, or postmortem_completed). Leave blank to retrieve incidents at any milestone.
Environments (optional): Enter an environment name or ID to filter incidents associated with a specific environment. Leave blank to retrieve incidents across all environments.
Services (optional): Enter a service name or ID to filter incidents affecting a specific service. Leave blank to retrieve incidents across all services.
This endpoint uses page-based pagination and retrieves up to 200 records per page. For accounts with large numbers of incidents, Nexla will automatically paginate through all available results. For additional details about available filter parameters, refer to the FireHydrant List Incidents API documentation.
Get Incident by ID
Fetches the full details of a single FireHydrant incident by its unique identifier. Use this endpoint when you need complete incident data for a specific event—such as for post-incident reporting, audit trails, or downstream processing.
Id (required): Enter the unique ID of the incident to retrieve. FireHydrant incident IDs are UUIDs and can be found in the FireHydrant UI on the incident detail page, or by first using the List Incidents endpoint to retrieve a list of incidents and their corresponding IDs.
Returns a paginated list of alerts received by FireHydrant. Alerts are signals from monitoring tools and integrations that may trigger or be associated with incidents. Use this endpoint to analyze alert volume, frequency, and correlation with incidents.
This endpoint does not require any additional configuration. It automatically retrieves all alerts accessible to your FireHydrant organization.
The endpoint uses offset-based pagination and retrieves up to 200 records per page. Nexla will automatically paginate through all available results.
Returns the services registered in your FireHydrant service catalog. The service catalog is central to FireHydrant's incident management approach, tracking ownership, dependencies, and relationships between infrastructure components. Use this endpoint to export your service catalog data for analysis, reporting, or synchronization with other systems.
This endpoint does not require any additional configuration. It retrieves all services from the FireHydrant service catalog accessible to your account.
Returns a list of teams and on-call responders configured in your FireHydrant account. Use this endpoint to export team structures, on-call schedules, and responder assignments for reporting or integration with HR and workforce management systems.
This endpoint does not require any additional configuration. It retrieves all teams accessible to your FireHydrant organization.
Returns a list of environments defined in your FireHydrant service catalog. Environments represent the deployment targets (such as production, staging, and development) that your services run in. Use this endpoint to export environment data for reporting or to cross-reference incident impact with specific deployment environments.
This endpoint does not require any additional configuration. It retrieves all environments accessible to your FireHydrant organization.
Returns a list of runbooks configured in your FireHydrant account. Runbooks are automated playbooks that define the steps and actions taken during an incident. Use this endpoint to audit your runbook library, export runbook definitions for documentation, or synchronize runbook metadata with external systems.
This endpoint does not require any additional configuration. It retrieves all runbooks accessible to your FireHydrant organization.
Returns mean time to detection (MTTD) and mean time to resolution (MTTR) metrics for incidents in your FireHydrant account. These metrics are key indicators of incident response efficiency and are commonly used for SRE performance reporting and continuous improvement tracking.
This endpoint does not require any additional configuration. It retrieves aggregate mean time metrics across incidents in your FireHydrant organization.
Returns a paginated list of ticketing tickets from your FireHydrant account. FireHydrant's ticketing feature allows teams to create and track follow-up action items and tasks linked to incidents. Use this endpoint to export ticket data for project management reporting or integration with external ticketing systems.
This endpoint does not require any additional configuration. Nexla will automatically paginate through all available results, retrieving up to 200 records per page.
Returns a paginated list of task lists from your FireHydrant account. Task lists are reusable collections of tasks that can be applied to incidents during response. Use this endpoint to export task list definitions for documentation or to analyze task assignment patterns across incidents.
This endpoint does not require any additional configuration. Nexla will automatically paginate through all available results, retrieving up to 200 records per page.
Returns a paginated list of checklist templates defined in your FireHydrant account. Checklist templates define the standard steps and verification items used during incident response. Use this endpoint to export checklist template definitions for auditing, documentation, or compliance reporting.
This endpoint does not require any additional configuration. Nexla will automatically paginate through all available results, retrieving up to 200 records per page.
Returns a list of all outbound webhooks configured in your FireHydrant account. FireHydrant webhooks deliver real-time event notifications to external URLs when incident-related events occur. Use this endpoint to audit your webhook configurations or export webhook definitions for documentation.
This endpoint does not require any additional configuration. It retrieves all webhooks configured in your FireHydrant organization.
Returns a list of all incident roles available in your FireHydrant account. Incident roles (such as Incident Commander, Communications Lead, and Subject Matter Expert) define the responsibilities assigned to responders during an incident. Use this endpoint to export role definitions for documentation or workforce planning.
This endpoint does not require any additional configuration. It retrieves all incident roles defined in your FireHydrant organization.
Returns a list of all incident tags available in your FireHydrant account. Tags are used to categorize and filter incidents by topic, team, or other organizational criteria. Use this endpoint to export your tag taxonomy for documentation, reporting, or governance purposes.
This endpoint does not require any additional configuration. It retrieves all tags defined in your FireHydrant organization.
Returns a list of all incident types available in your FireHydrant account. Incident types classify incidents by category (such as security, infrastructure, or application), enabling consistent categorization and filtering across your incident history.
This endpoint does not require any additional configuration. It retrieves all incident types defined in your FireHydrant organization.
Returns a list of infrastructure components tracked in your FireHydrant account. Infrastructure components represent the systems, services, and dependencies that your organization monitors. Use this endpoint to export your infrastructure inventory for CMDB synchronization, reporting, or dependency analysis.
This endpoint does not require any additional configuration. It retrieves all infrastructure components registered in your FireHydrant organization.
Returns a list of custom field definitions configured in your FireHydrant account. Custom fields extend FireHydrant's incident data model to capture organization-specific information. Use this endpoint to export your custom field schema for documentation, governance, or downstream data mapping purposes.
This endpoint does not require any additional configuration. It retrieves all custom field definitions available in your FireHydrant organization.
Returns a list of entitlements configured in your FireHydrant account. Entitlements define the features and capabilities enabled for your organization based on your subscription plan. Use this endpoint to audit account entitlements or verify feature availability programmatically.
This endpoint does not require any additional configuration. It retrieves all entitlements configured for your FireHydrant organization.
Once the selected endpoint template has been configured, click the Test button to the right of the endpoint selection menu to retrieve a sample of the data that will be fetched. Sample data will be displayed in the Endpoint Test Result panel on the right, allowing you to verify that the source is configured correctly before saving.
FireHydrant data sources can also be manually configured to ingest data from any valid FireHydrant API endpoint, including endpoints not covered by the pre-built templates, chained API calls, or custom request parameters. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, endpoint URL, date/time and lookup macros, path to data, metadata, and request headers.
The FireHydrant REST API base URL is https://api.firehydrant.io/v1. If your organization uses FireHydrant's EU region, replace api.firehydrant.io with api.eu.firehydrant.io in all endpoint URLs. All FireHydrant read endpoints use GET. Most list endpoints return records inside a top-level data array — set Path to Data to $.data[*], and optionally set Path to Metadata to the pagination object to capture pagination details (pagination.count, pagination.page, pagination.pages) with each record. You do not need to add the Authorization header; it is managed automatically by your FireHydrant credential. For complete API reference documentation, see the FireHydrant API documentation.
Once all of the relevant settings have been configured, click the Create button in the upper right corner of the screen to save and create the new FireHydrant data source. Nexla will now begin ingesting data from the configured endpoint and will organize any data that it finds into one or more Nexsets.
Click the + icon on the Nexset that will be sent to the FireHydrant destination, and select the Send to Destination option from the menu. Select the FireHydrant connector from the list of available destination connectors, then select the credential that will be used to connect to the FireHydrant organization, and click Next; or, create a new FireHydrant credential for use in this flow.
Nexla provides pre-built templates that can be used to rapidly configure destinations to send data to common FireHydrant endpoints. Select the endpoint to which data will be sent from the Endpoint pulldown menu. Then, click on the template in the list below to expand it, and follow the instructions to configure additional endpoint settings.
Create Incident
Creates a new incident in FireHydrant using data from a Nexset. Use this endpoint to automatically open incidents based on events or alerts detected in other systems—for example, triggering a FireHydrant incident when a monitoring tool detects a threshold breach or when an anomaly is identified in a data pipeline.
This endpoint accepts incident data in JSON format. The Nexset fields will be mapped to the FireHydrant incident fields in the request body.
Common fields that can be included in the request body are:
name (required): The name or title of the incident.
description: A description of the incident.
severity: The severity level of the incident (e.g., SEV1, SEV2, SEV3).
priority: The priority of the incident.
tags: An array of tag names to apply to the incident.
The request body is sent as JSON. Ensure that field names in the Nexset match the FireHydrant API field names. For the complete list of supported request body fields, refer to the FireHydrant Create Incident API documentation.
Update Incident
Updates an existing FireHydrant incident with new values for fields such as severity, status, summary, and tags. Use this endpoint to automatically keep FireHydrant incidents in sync with data from other systems—for example, updating an incident's severity when a monitoring metric changes, or closing an incident when a resolution is detected.
Id (required): Enter the unique ID of the FireHydrant incident to update. This is a UUID that identifies the specific incident record in FireHydrant. The incident ID can be obtained from the FireHydrant UI or from the output of the List Incidents source endpoint.
The request body should contain only the fields that need to be updated. Fields not included in the request body will remain unchanged on the incident.
Common fields that can be updated include:
severity: Update the incident severity level.
status: Update the current status of the incident.
description: Update the incident description or summary.
tags: Update the tags associated with the incident.
This endpoint uses the HTTP PATCH method, which performs a partial update—only the fields included in the request body are changed. For the complete list of updatable fields, refer to the FireHydrant Update Incident API documentation.
Create Change Event
Creates a change event in FireHydrant representing a deployment, configuration change, or other modification to your infrastructure or services. Change events help teams correlate incidents with recent changes, enabling faster root cause analysis. Use this endpoint to automatically register change events from CI/CD pipelines, deployment tools, or configuration management systems.
This endpoint accepts change event data in JSON format. The Nexset fields will be mapped to the FireHydrant change event fields in the request body.
Common fields that can be included in the request body are:
summary (required): A brief summary of the change (e.g., Deployed v2.5.1 to production).
description: A detailed description of what changed.
labels: Key-value pairs providing additional metadata about the change (e.g., environment, version, or team).
services: An array of service identifiers indicating which services were affected by the change.
Change events are a powerful tool for root cause analysis—FireHydrant surfaces recent change events on incident timelines to help responders identify potential causes. For the complete list of supported fields, refer to the FireHydrant Create Change Event API documentation.
Add Incident Note
Adds a timeline note or status update to an existing FireHydrant incident. Incident notes appear on the incident timeline and provide a chronological record of actions taken, observations made, and status updates communicated during the incident. Use this endpoint to automatically post status updates, log automated actions, or add contextual information from other systems to the incident timeline.
Id (required): Enter the unique ID of the FireHydrant incident to which the note will be added. The incident ID can be obtained from the FireHydrant UI or from the output of the List Incidents source endpoint.
The request body should include the note content. Common fields include:
body: The text content of the note to add to the incident timeline.
Creates a ticketing ticket in FireHydrant, optionally linked to an incident. Tickets represent follow-up action items, remediation tasks, or post-incident work items that need to be tracked to completion. Use this endpoint to automatically create follow-up tasks in FireHydrant based on data from other systems—for example, generating remediation tickets from a vulnerability scanner or task management workflow.
This endpoint accepts ticket data in JSON format. The Nexset fields will be mapped to the FireHydrant ticket fields in the request body.
Common fields that can be included in the request body are:
summary (required): A brief summary or title for the ticket.
description: A detailed description of the work to be done.
Registers a new outbound webhook in FireHydrant. FireHydrant webhooks deliver real-time event notifications to an external URL when incident-related events occur, such as when an incident is created, updated, or resolved. Use this endpoint to programmatically register webhook endpoints in FireHydrant as part of an automated onboarding or integration setup workflow.
This endpoint accepts webhook configuration data in JSON format.
Common fields that can be included in the request body are:
url (required): The destination URL that FireHydrant will send event notifications to.
name: A descriptive name for the webhook.
state: The initial state of the webhook (active or inactive).
Archives (soft-deletes) an existing FireHydrant incident. When an incident is archived, it is hidden from the FireHydrant UI and excluded from analytics and reporting. Archiving is a non-destructive operation—archived incidents can be unarchived if needed. Use this endpoint to programmatically clean up test incidents, duplicate records, or incidents created in error.
Id (required): Enter the unique ID of the FireHydrant incident to archive. The incident ID can be obtained from the FireHydrant UI or from the output of the List Incidents source endpoint.
Archiving an incident hides it from the UI and excludes it from analytics, but does not permanently delete it. Archived incidents can be restored using the FireHydrant Unarchive Incident API endpoint. For additional details, refer to the FireHydrant Archive Incident API documentation.
FireHydrant destinations can also be manually configured to send data to any valid FireHydrant API endpoint. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, data format, endpoint URL, request headers, attribute exclusions, record batching, and response webhooks.
The FireHydrant REST API base URL is https://api.firehydrant.io/v1. If your organization uses FireHydrant's EU region, replace api.firehydrant.io with api.eu.firehydrant.io in all endpoint URLs. Common methods are POST for creating resources (incidents, change events, tickets, webhooks, notes), PATCH for partially updating resources (updating incident fields), and DELETE for archiving resources. FireHydrant accepts JSON formatted request bodies. For update and delete operations, include the ID of the resource to be updated or archived at the end of the URL (e.g., https://api.firehydrant.io/v1/incidents/{incident_id}). You do not need to add the Authorization header; it is managed automatically by your FireHydrant credential. For complete API reference documentation, see the FireHydrant API documentation.
Nexla can automatically send the response received from the FireHydrant API after each call to a new Nexla webhook data source. This option allows you to keep track of the status of each API call and any additional information returned after each call—for example, to capture the ID of a newly created incident for use in downstream processing.
Once all endpoint settings have been configured, click the Done button in the upper right corner of the screen to save and create the destination. To begin sending data to the configured FireHydrant endpoint, open the destination resource menu, and select Activate.
The Nexset data will not be sent to FireHydrant until the destination is activated. Destinations can be activated immediately or at a later time, providing full control over data movement.