v2.4.0

Incidents API

Report, track, and manage security incidents with multimedia evidence, escalation workflows, and SOC integration.

SOC Integration Required

Some incident endpoints require SOC module access. Contact your administrator for permissions.

Overview

The Incidents API provides complete incident lifecycle management from creation through resolution, with support for multimedia evidence attachment and automated escalation.

Incident Reporting

POST /api/v1/incidents

Create a new incident report with category classification.

POST /api/v1/incidents/{id}/evidence

Attach photos, videos, or audio evidence to an incident.

GET /api/v1/incidents

List incidents with filtering by status, severity, and date range.


Incident Management

PUT /api/v1/incidents/{id}/status

Update incident status (open, investigating, resolved, closed).

POST /api/v1/incidents/{id}/escalate

Escalate incident to SOC or management with automatic notifications.

POST /api/v1/incidents/{id}/assign

Assign incident to a specific team or individual.


Incident Analytics

GET /api/v1/incidents/analytics

Get incident statistics and trend analysis.

GET /api/v1/incidents/export

Export incident reports to PDF or Excel.

