Get Incident

The Retrieve Incident API fetches a particular incident and all its details.

Parameters

Parameter	Description
Expand	-
Incident ID	Unique ID of the incident.

Example Output

{
    "data": {
        "apps": [],
        "assignee": {
            "userEmail": "Email",
            "userFirstName": "First Name",
            "userId": "Unique ID",
            "userLastName": "Last Name"
        },
        "assigneeId": "Unique id of assignee.",
        "category": "An enumeration.",
        "compliance": [],
        "createdAt": "The date the incident was first reported.",
        "description": "Description",
        "entities": [],
        "id": "Unique id",
        "isResolved": false,
        "policy": {
            "id": "Unique id of policy.",
            "name": "Name of policy.",
            "templateId": "Template ID"
        },
        "policyId": "Unique id of policy.",
        "recommendation": "Recommendation",
        "severity": "An enumeration.",
        "status": "An enumeration.",
        "tactics": [],
        "techniques": [],
        "updatedAt": "The date the incident was last updated.",
        "url": "URL"
    }
}

Workflow Library Example

Get Incident with Authomize and Send Results Via Email

Preview this Workflow on desktop

Get Incident

Parameters​

Example Output​

Workflow Library Example​

Parameters

Example Output

Workflow Library Example