The Patch Incident API updates an existing incident (based on incident ID).
Parameter | Description |
---|---|
Assignee ID | ID of the entity assigned to this incident. |
Incident ID | Unique ID of the incident. |
Severity | The severity of the incident (Low, Medium, High or Critical). |
Status | The status of the incident (Open, InProgress, WaitingForInput, or Closed). |
{
"data": {
"apps": [],
"assignee": {
"userEmail": "Email",
"userFirstName": "First Name",
"userId": "Unique ID",
"userLastName": "Last Name"
},
"assigneeId": "Unique id of assignee.",
"category": "An enumeration.",
"compliance": [],
"createdAt": "The date the incident was first reported.",
"description": "Description",
"entities": [],
"id": "Unique id",
"isResolved": false,
"policy": {
"id": "Unique id of policy.",
"name": "Name of policy.",
"templateId": "Template ID"
},
"policyId": "Unique id of policy.",
"recommendation": "Recommendation",
"severity": "An enumeration.",
"status": "An enumeration.",
"tactics": [],
"techniques": [],
"updatedAt": "The date the incident was last updated.",
"url": "URL"
}
}
Update Incident with Authomize and Send Results Via Email
Preview this Workflow on desktop
Was this page helpful?
The Patch Incident API updates an existing incident (based on incident ID).
Parameter | Description |
---|---|
Assignee ID | ID of the entity assigned to this incident. |
Incident ID | Unique ID of the incident. |
Severity | The severity of the incident (Low, Medium, High or Critical). |
Status | The status of the incident (Open, InProgress, WaitingForInput, or Closed). |
{
"data": {
"apps": [],
"assignee": {
"userEmail": "Email",
"userFirstName": "First Name",
"userId": "Unique ID",
"userLastName": "Last Name"
},
"assigneeId": "Unique id of assignee.",
"category": "An enumeration.",
"compliance": [],
"createdAt": "The date the incident was first reported.",
"description": "Description",
"entities": [],
"id": "Unique id",
"isResolved": false,
"policy": {
"id": "Unique id of policy.",
"name": "Name of policy.",
"templateId": "Template ID"
},
"policyId": "Unique id of policy.",
"recommendation": "Recommendation",
"severity": "An enumeration.",
"status": "An enumeration.",
"tactics": [],
"techniques": [],
"updatedAt": "The date the incident was last updated.",
"url": "URL"
}
}
Update Incident with Authomize and Send Results Via Email
Preview this Workflow on desktop
Was this page helpful?