Skip to main content

incident.io

incident.io is an all-in-one incident management platform that unifies on-call scheduling, real-time incident response, and integrated status pages to help engineering and SRE teams resolve issues faster and reduce downtime. Built with a Slack-native design, incident.io streamlines the entire incident lifecycle—from alerting and escalation through investigation, resolution, and post-incident learning. The platform provides AI-powered root cause analysis, automated runbooks, customizable workflows, and a rich analytics dashboard (including MTTD and MTTR metrics) to help teams continuously improve their reliability practices. incident.io also supports customer-facing status pages, making it a comprehensive solution for both internal incident response and external stakeholder communication.

incident.io icon

Power end-to-end data operations for your incident.io API with Nexla. Our bi-directional incident.io connector is purpose-built for incident.io, making it simple to ingest data, sync it across systems, and deliver it anywhere — all with no coding required. Nexla turns API-sourced data into ready-to-use, reusable data products and makes it easy to send data to incident.io or any other destination. With comprehensive monitoring, lineage tracking, and access controls, Nexla keeps your incident.io workflows fast, secure, and fully governed.

Features

Type: API

SourceDestination

  • Seamless API Integration: Connect to any endpoint as source or destination without coding, with automatic data product creation
  • Visual Composition & Chaining: Build complex integrations using visual templates, chain API calls, and compose workflows with data validation and filtering
  • API Proxy: Expose curated slices of your data securely with a secure and customizable API proxy that validates and transforms data on the fly
  • Request optimization with intelligent batching, retry, and caching to minimize API calls and costs

Prerequisites

To connect Nexla to incident.io, you need an incident.io API key. incident.io authenticates all API requests using Bearer token authentication, where the API key is transmitted as a Bearer token in the Authorization request header. API keys are scoped to your incident.io organization and can be granted account-level permissions, team-scoped permissions, or a combination of both.

Only users with the api_keys_manage permission can create API keys. This permission must be granted from the incident.io dashboard and cannot be assigned via the API itself.

Obtain an incident.io API Key

incident.io API keys are generated from the Settings area of the incident.io application.

  1. Log in to your incident.io account at app.incident.io.

  2. Navigate to Settings in the left-hand navigation panel.

  3. Select API keys from the Settings menu.

  4. Click the Create API key button.

  5. Enter a descriptive Name for the key (for example, Nexla Integration) to help identify its purpose later.

  6. Select the permissions (roles) that this key should have. incident.io API keys can be granted account-level permissions, team-scoped permissions, or both. Select the permissions appropriate for the data you want Nexla to access:

    • Account-level permissions apply to all data in your incident.io organization.

    • Team-scoped permissions restrict the key's access to specific teams and their associated incidents, schedules, and alerts.

    Choose the minimum permissions required for your Nexla integration. For read-only data ingestion, select only read permissions. For writing data back to incident.io (for example, creating incidents), include the relevant write permissions. You can edit the permissions on an existing key if your requirements change—there is no need to delete and recreate it.

  7. Click Create to generate the key.

  8. On the confirmation screen, copy the API key and store it in a secure location.

Important

The API key is displayed only once immediately after creation. If you navigate away without copying it, you will need to create a new key. Store the key in a secrets manager or other secure credential store. API keys remain valid even if the user who created them is later deactivated.

The default rate limit for the incident.io API is 1,200 requests per minute per API key. For complete details about API key management, permissions, and rate limits, refer to the incident.io API Reference.

Authenticate

Create a credential in Nexla

  1. After selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

  2. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

  3. incident.io authenticates all API requests using a Bearer token transmitted in the Authorization request header. Enter your incident.io API key in the API Key Value field. This is the token you copied when creating the key in Settings > API keys within incident.io, as described in Prerequisites.

    The API key value is stored securely and is not displayed after the credential is saved. Nexla uses this key to authenticate all requests to the incident.io API on your behalf.

  4. Click the Save button at the bottom of the overlay. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.

Use as a data source

To create a new data flow, navigate to the Integrate section, and click the New Data Flow button. Select the incident.io connector tile, then select the credential that will be used to connect to the incident.io instance, and click Next; or, create a new incident.io credential for use in this flow.

Endpoint templates

Nexla provides pre-built templates that can be used to rapidly configure data sources to ingest data from common incident.io endpoints. Select the endpoint from which this source will fetch data from the Endpoint pulldown menu. Available endpoint templates are listed in the expandable boxes below; click on an endpoint to see more information about it and how to configure your data source for this endpoint.

List Incidents

Retrieves a list of incidents from your incident.io organization, including metadata such as severity, status, timestamps, assigned roles, affected services, and custom fields. Use this endpoint to pull incident records into Nexla for operational analysis, SLA reporting, or integration with data warehouses and BI tools.

  • This endpoint returns all incidents accessible to your API key. No additional configuration is required to retrieve the full list of incidents in your organization.
  • The incident.io API returns incidents in pages of up to 250 records. Nexla automatically paginates through all available results to ensure a complete data set is ingested.
  • Each incident record includes fields such as incident ID, name, summary, severity, status, created and updated timestamps, assigned team members, impacted services, and any custom fields defined in your incident.io account.

The fields returned by this endpoint reflect your organization's incident.io configuration, including any custom fields and statuses your team has defined. For complete details on the response schema, refer to the incident.io List Incidents API documentation.

List Alerts

Retrieves a list of alerts from your incident.io organization. Alerts in incident.io are notifications generated by monitoring and observability tools that are routed through alert routes. Use this endpoint to ingest alert data into Nexla for analysis of alert volumes, noise patterns, and correlation with incidents.

  • This endpoint returns all alerts accessible to your API key, including alert source, status, associated incidents, deduplication keys, and timestamps.
  • Nexla automatically paginates through all available alert records to ensure complete data ingestion.
  • Alert data is particularly useful for tracking signal-to-noise ratios in your monitoring stack and identifying which alert sources most commonly trigger incidents in your environment.

For complete details about the alert data structure and available filter parameters, refer to the incident.io Alerts API documentation.

List Actions

Retrieves a list of actions from your incident.io organization. Actions are tasks assigned to team members during an incident to help with investigation and mitigation. Use this endpoint to track action completion rates, workload distribution, and response effectiveness across your team.

  • This endpoint returns all actions across your incidents, including the action description, assignee, status (outstanding or completed), and the incident it is associated with.
  • Nexla automatically paginates through all available action records to ensure complete data ingestion.
  • Action data is useful for post-incident reviews and for measuring how effectively your team assigns and completes tasks during incidents.

List Follow-ups

Retrieves a list of follow-up actions from your incident.io organization. Follow-ups are post-incident tasks created to address root causes and prevent recurrence. Use this endpoint to track follow-up completion, ownership, and progress as part of your continuous improvement workflows.

  • This endpoint returns all follow-up items across your incidents, including the follow-up title, assignee, due date, status, priority, and the associated incident.
  • Nexla automatically paginates through all available follow-up records to ensure complete data ingestion.
  • Follow-up data is particularly valuable for reliability engineering teams who need to ensure that post-incident action items are completed in a timely manner to prevent incident recurrence.

List Schedules

Retrieves a list of on-call schedules configured in your incident.io organization. On-call schedules define which team members are responsible for responding to incidents at any given time. Use this endpoint to ingest schedule data into Nexla for workforce planning, coverage reporting, and on-call rotation analysis.

  • This endpoint returns all schedules accessible to your API key, including schedule name, team, timezone, rotation configuration, and the current on-call user(s).
  • Nexla automatically paginates through all available schedule records to ensure complete data ingestion.
  • Schedule data is useful for analyzing on-call burden across teams, ensuring adequate coverage during peak risk periods, and informing decisions about team capacity and rotation design.

For complete details about schedule configuration and available API parameters, refer to the incident.io On-call Schedules API changelog.

List Users

Retrieves a list of users in your incident.io organization. Use this endpoint to ingest user data into Nexla for correlating incident assignments, on-call rotations, and follow-up ownership with individual team members.

  • This endpoint returns all users in your incident.io organization, including their name, email address, role, and associated teams.
  • User data is often used as a lookup dimension when combining incident.io data with HR systems or other organizational data sources in Nexla.

Once the selected endpoint template has been configured, click the Test button to the right of the endpoint selection menu to retrieve a sample of the data that will be fetched. Sample data will be displayed in the Endpoint Test Result panel on the right, allowing you to verify that the source is configured correctly before saving.

Manual configuration

incident.io data sources can also be manually configured to ingest data from any valid incident.io API endpoint, including endpoints not covered by the pre-built templates, chained API calls, or custom request parameters. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, endpoint URL, date/time and lookup macros, path to data, metadata, and request headers.

The incident.io API base URL is https://api.incident.io/v2/ (some resources are available at /v1/ or /v3/). All endpoints use HTTPS and require a valid Bearer token in the Authorization header, which Nexla handles automatically from your saved credential. Common source endpoint URLs include https://api.incident.io/v2/incidents (list incidents), https://api.incident.io/v2/alerts (list alerts), https://api.incident.io/v2/follow_ups (list follow-ups), https://api.incident.io/v2/schedules (list on-call schedules), and https://api.incident.io/v2/users (list users).

List responses are returned in pages of up to 250 records, and Nexla automatically paginates through all available results. Enter the JSON path to the relevant array in the Set Path to Data in Response field—for example, $.incidents[*] for the List Incidents endpoint. Pagination metadata (returned as pagination_meta, including total_record_count and cursor values) can be preserved on each record by entering $.pagination_meta in the Path to Metadata in Response field.

You do not need to include the Authorization header in Request Headers, as it is handled automatically by Nexla from your saved credential. The incident.io API uses Content-Type: application/json by default, which is also handled automatically.

Once all of the relevant settings have been configured, click the Create button in the upper right corner of the screen to save and create the new incident.io data source. Nexla will now begin ingesting data from the configured endpoint and will organize any data that it finds into one or more Nexsets.

Use as a destination

Click the + icon on the Nexset that will be sent to the incident.io destination, and select the Send to Destination option from the menu. Select the incident.io connector from the list of available destination connectors, then select the credential that will be used to connect to incident.io, and click Next; or, create a new incident.io credential for use in this flow.

Manual configuration

incident.io destinations are configured manually to send data to any valid incident.io API endpoint. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, data format, endpoint URL, request headers, attribute exclusions, record batching, and response webhooks.

incident.io accepts data in JSON format for all write operations; Nexla sets the Content-Type: application/json header automatically when JSON is selected. Common destination endpoints include https://api.incident.io/v2/incidents to create a new incident (POST), https://api.incident.io/v2/incidents/{'{id}'} to update an existing incident by ID (PATCH or PUT), and https://api.incident.io/v2/alert_events/http/{'{alert_source_config_id}'} to post an alert event that triggers automated incident creation (POST).

Before posting alert events, configure an HTTP alert source in your incident.io dashboard (Settings > Alert sources) and use its alert_source_config_id in the endpoint URL. The alert events endpoint is rate-limited to 120 events per minute per alert source. Enabling the Response Webhook is recommended for this endpoint, since the response confirms event receipt and reports any validation errors. For additional details, refer to the incident.io Alert Events API documentation.

You do not need to include the Authorization or Content-Type headers in Request Headers, as both are handled automatically by Nexla. Record batching is typically not applicable for incident.io write endpoints, since each incident or alert event is sent to incident.io as a separate API request.

Save & activate

Once all of the relevant settings have been configured, click the Create button in the upper right corner of the screen to save and activate the new incident.io destination. Nexla will now begin delivering data to the configured incident.io endpoint according to the flow schedule.