Ionhour Docs
API Reference

Incidents API

List and filter incidents, acknowledge, add notes, and view event timelines.

List Incidents

GET /incidents

Returns a paginated list of incidents with enriched context.

Query Parameters

ParameterTypeDescription
workspaceIdnumberFilter by workspace
projectIdnumberFilter by project
checkIdnumberFilter by check
statestringACTIVE or RESOLVED (case-insensitive; OPEN and MONITORING are aliases for ACTIVE)
pagenumberPage number (default: 1)
limitnumberItems per page (default: 20)

Example

curl -H "Authorization: Bearer ionh_your_key" \
  "https://app.failsignal.com/api/incidents?workspaceId=1&state=ACTIVE"

Enriched Response

Each incident in the list includes additional context beyond the base entity:

FieldTypeDescription
projectobjectid and name of the parent project
checkobjectid, name, and token of the check
dependencyobjectid and name (only for DEPENDENCY_DOWN incidents)
acknowledgedByUserobjectid and email (if acknowledged)
lastSignalAtstringISO timestamp of the latest signal
lastSignalTypestringSUCCESS, SUSPECT, FAIL, or DEPLOYMENT
lastSignalSourcestringWhere the signal came from
lastSuccessAtstringISO timestamp of the last successful signal
durationSinceSuccessMsnumberMilliseconds since last success

Get Incident

GET /incidents/:id

Returns a single incident with the same enriched fields as the list endpoint.

curl -H "Authorization: Bearer ionh_your_key" \
  https://app.failsignal.com/api/incidents/456

Acknowledge Incident

POST /incidents/:id/acknowledge

Marks an incident as acknowledged by the current user. Acknowledgment signals that someone is actively investigating.

curl -X POST https://app.failsignal.com/api/incidents/456/acknowledge \
  -H "Authorization: Bearer ionh_your_key"

The response includes:

  • acknowledgedBy — the user ID
  • acknowledgedAt — the timestamp

Acknowledging an already-acknowledged incident returns the same result (idempotent). Acknowledging a resolved incident returns a 409 Conflict.

Incident Events (Timeline)

GET /incident-events/:incidentId

Returns the event timeline for an incident — an immutable audit log of everything that happened.

curl -H "Authorization: Bearer ionh_your_key" \
  https://app.failsignal.com/api/incident-events/456

Event Types

TypeWhen it's created
OPENEDIncident was created
ACKNOWLEDGEDA user acknowledged the incident
ALERT_SENTA notification was dispatched (email or Slack)
RESOLVEDIncident was resolved (automatically or manually)

Each event includes:

  • type — the event type
  • message — human-readable description
  • occurredAt — ISO timestamp

Incident Notes

Notes let you document investigation findings, root cause analysis, and remediation steps directly on an incident.

List Notes

GET /incident-notes/:incidentId
curl -H "Authorization: Bearer ionh_your_key" \
  https://app.failsignal.com/api/incident-notes/456

Create Note

POST /incident-notes/:incidentId
curl -X POST https://app.failsignal.com/api/incident-notes/456 \
  -H "Authorization: Bearer ionh_your_key" \
  -H "Content-Type: application/json" \
  -d '{"body": "Root cause identified: database connection pool exhausted after deploy."}'

Update Note

PATCH /incident-notes/:incidentId/:noteId

Only the note's author can update it.

curl -X PATCH https://app.failsignal.com/api/incident-notes/456/789 \
  -H "Authorization: Bearer ionh_your_key" \
  -H "Content-Type: application/json" \
  -d '{"body": "Updated root cause: connection pool exhausted due to missing pool size config."}'

Delete Note

DELETE /incident-notes/:incidentId/:noteId

Only the note's author can delete it. Notes are soft-deleted (retained for audit purposes).

Incident Fields Reference

FieldTypeDescription
idnumberIncident ID
checkIdnumberThe check that triggered this incident
titlestringHuman-readable title
summarystringOptional detailed description
statestringACTIVE or RESOLVED
reasonstringSERVICE_DOWN or DEPENDENCY_DOWN
severitystringCRITICAL (service down) or WARNING (dependency down)
startedAtstringWhen the incident was created
resolvedAtstringWhen the incident was resolved (null if active)
recoveredAtstringWhen the service actually recovered
acknowledgedBynumberUser ID who acknowledged (null if not acknowledged)
acknowledgedAtstringWhen it was acknowledged
dependencyIdnumberThe dependency that caused the impact (for DEPENDENCY_DOWN)
dependencyNamestringName of the impacted dependency
publicIdstringULID for public-facing incident references

Checks API

Create, list, update, pause, and delete checks. Includes outbound check configuration.

Signals API

Send heartbeat pings, query signal history, and subscribe to real-time updates via SSE.

On this page

List IncidentsQuery ParametersExampleEnriched ResponseGet IncidentAcknowledge IncidentIncident Events (Timeline)Event TypesIncident NotesList NotesCreate NoteUpdate NoteDelete NoteIncident Fields Reference