> ## Documentation Index
> Fetch the complete documentation index at: https://docs.incident.io/llms.txt
> Use this file to discover all available pages before exploring further.

# List

> List alert notes attached to an alert.

🔑 Requires the `alerts.view` scope.


## OpenAPI

````yaml /openapi/tags/alert-notes-v1.json get /v1/alert_notes
openapi: 3.0.3
info:
  description: "This is the API reference for incident.io.\n\nIt documents available API endpoints, provides examples of how to use it, and\ninstructions around things like authentication and error handling.\n\nThe API is hosted at:\n\n- https://api.incident.io/\n\nAnd you will need to create an API key via your [incident.io\ndashboard](https://app.incident.io/settings/api-keys) to make requests.\n\n# Making requests\n\nHere are the key concepts required to make requests to the incident.io API.\n\n## Authentication\n\nFor all requests made to the incident.io API, you'll need an API key.\n\nTo create an API key, head to the incident dashboard and visit [API\nkeys](https://app.incident.io/settings/api-keys). When you create the key, you'll be able to choose what actions it\ncan take for your account: choose carefully, as those roles can only be set\nwhen you first create the key. We'll only show you the token once, so make sure\nyou store it somewhere safe.\n\nAPI keys are global to your incident.io account, and can be managed by anyone\nwho has the right permissions. We display the user that created the API key,\nand the API key will remain valid if that user becomes deactivated.\n\nOnce you have the key, you should make requests to the API that set the\n`Authorization` request header using a \"Bearer\" authentication scheme:\n\n```\nAuthorization: Bearer <YOUR_API_KEY>\n```\n\n## Rate Limits\n\nThe incident.io API enforces rate limits to ensure consistent performance for all users.\n\nThe default rate limit is 1200 requests/minute per API key. This limit applies to most endpoints across the API.\n\nSome endpoints have lower rate limits, particularly those that interact with external third-party systems that impose\ntheir own limitations. These specific limits vary by endpoint, and we recommend relying on the rate-limit error\nresponses to understand usage patterns and implement appropriate retry strategies.\n\nWhen you exceed a rate limit, the API will respond with a `429 Too Many Requests` status code, along with a JSON\nresponse that includes information about the limit and when you can retry:\n\n```json\n{\n    \"type\": \"too_many_requests\",\n    \"status\": 429,\n    \"request_id\": \"b839a403-7704-41c1-bf6a-39a2d68caefa\",\n    \"rate_limit\": {\n        \"name\": \"api_key_name\",\n        \"limit\": 1200,\n        \"remaining\": 0,\n        \"retry_after\": \"Thu, 17 Apr 2025 11:17:18 UTC\"\n    },\n    \"errors\": [\n        {\n            \"code\": \"too_many_requests\",\n            \"message\": \"Too many requests hit the API too quickly. We recommend an exponential backoff of your requests.\"\n        }\n    ]\n}\n```\n\nThe response includes:\n* The name of the API key (`name`)\n* The bucket limit (`limit`)\n* The number of requests remaining (`remaining`)\n* When you can retry requests (`retry_after`)\n\n## Errors\n\nWe use standard HTTP response codes to indicate the status or failure of API\nrequests.\n\nThe API response body will be JSON, and contain more detailed information on the\nnature of the error.\n\nAn example error when a request is made without an API key:\n\n```json\n{\n  \"type\": \"authentication_error\",\n  \"status\": 401,\n  \"request_id\": \"8e3cc412-b49d-4957-9073-2c19d2c61804\",\n  \"errors\": [\n    {\n      \"code\": \"missing_authorization_material\",\n      \"message\": \"No authorization material provided in request\"\n    }\n  ]\n}\n```\n\nNote that the error:\n\n- Contains the HTTP status (`401`)\n- References the type of error (`authentication_error`)\n- Includes a `request_id` that can be provided to incident.io support to help\n\tdebug questions with your API request\n- Provides a list of individual errors, which go into detail about why the error\n\toccurred\n\nThe most common error will be a 422 Validation Error, which is returned when the\nrequest was rejected due to failing validations.\n\nThese errors look like this:\n\n```json\n{\n  \"type\": \"validation_error\",\n  \"status\": 422,\n  \"request_id\": \"631766c4-4afd-4803-997c-cd700928fa4b\",\n  \"errors\": [\n    {\n      \"code\": \"is_required\",\n      \"message\": \"A severity is required to open an incident\",\n      \"source\": {\n        \"field\": \"severity_id\"\n      }\n    }\n  ]\n}\n```\n\nThis error is caused by not providing a severity identifier, which should be at\nthe `severity_id` field of the request payload. Errors like these can be mapped to\nforms, should you be integrating with the API from a user-interface.\n\n## Compatibility\n\nWe won't make breaking changes to existing API services or endpoints, but will\nexpect integrators to upgrade themselves to the latest API endpoints within 3\nmonths of us deprecating the old service.\n\nWe will make changes that are considered backwards compatible, which include:\n\n- Adding new API endpoints and services\n- Adding new properties to responses from existing API endpoints\n- Reordering properties returned from existing API endpoints\n- Adding optional request parameters to existing API endpoints\n- Altering the format or length of IDs\n- Adding new values to enums\n\nIt is important that clients are robust to these changes, to ensure reliable\nintegrations.\n\nAs an example, if you are generating a client using an openapi-generator, ensure\nthe generated client is configured to support unknown enum values, often\nconfigured via the `enumUnknownDefaultCase` parameter.\n\nWhen breaking changes are unavoidable, we'll create a new service version on a\nseparate path, and run them in parallel.\n\nFor example:\n\n- https://api.incident.io/v1/incidents\n- https://api.incident.io/v2/incidents\n\nFor any questions, email support@incident.io.\n"
  title: incident.io
  version: 1.0.0
servers:
  - url: https://api.incident.io
security:
  - BearerAuth: []
tags:
  - description: >
      Manage notes attached to alerts.


      Notes let your team capture context, decisions, and investigation findings
      against

      an individual alert without needing to declare an incident.


      Note content is stored and returned as Markdown. The following formatting
      is

      supported:


      - **Headings** (`#`, `##`, `###`)

      - **Bold** and *italic* text formatting

      - ~~Strikethrough~~ text

      - Inline `code` and fenced code blocks

      - Bullet lists and numbered lists

      - Blockquotes

      - [Links](url) using Markdown link syntax — bare URLs are not auto-linked

      - Tables (GitHub-flavoured Markdown)

      - Horizontal rules (`---`)


      Raw HTML, image syntax (`![alt](url)`), task lists, and footnotes are not

      supported, and will be stripped or rendered as plain text.
    name: Alert Notes V1
paths:
  /v1/alert_notes:
    get:
      tags:
        - Alert Notes V1
      summary: List
      description: List alert notes attached to an alert.
      operationId: Alert Notes V1_List
      parameters:
        - allowEmptyValue: true
          description: ID of the alert to list notes for
          example: 01FCNDV6P870EA6S7TK1DSYDG0
          in: query
          name: alert_id
          required: true
          schema:
            description: ID of the alert to list notes for
            example: 01FCNDV6P870EA6S7TK1DSYDG0
            type: string
        - allowEmptyValue: true
          description: Integer number of records to return
          example: 25
          in: query
          name: page_size
          schema:
            default: 25
            description: Integer number of records to return
            example: 25
            format: int64
            maximum: 250
            type: integer
        - allowEmptyValue: true
          description: >-
            An record's ID. This endpoint will return a list of records after
            this ID in relation to the API response order.
          example: 01FDAG4SAP5TYPT98WGR2N7W91
          in: query
          name: after
          schema:
            description: >-
              An record's ID. This endpoint will return a list of records after
              this ID in relation to the API response order.
            example: 01FDAG4SAP5TYPT98WGR2N7W91
            type: string
      responses:
        '200':
          content:
            application/json:
              example:
                alert_notes:
                  - content: >
                      Customer reports **checkout 500s** starting ~14:32 UTC.
                      Investigating `payments-api`.


                      - Error rate: ~12% on `/checkout`

                      - Region: `eu-west-1`

                      - See [dashboard](https://grafana.example.com/d/abc)
                    created_at: '2026-05-28T15:30:00Z'
                    creator:
                      api_key:
                        id: 01FCNDV6P870EA6S7TK1DSYDG0
                        name: My test API key
                      user:
                        email: lisa@incident.io
                        id: 01FCNDV6P870EA6S7TK1DSYDG0
                        name: Lisa Karlin Curtis
                        role: viewer
                        slack_user_id: U02AYNF2XJM
                    id: 01J1X9J85C7Y12G8P8W8K55Q5Y
                    images:
                      - id: 01G0J1EXE7AXZ2C93K61WBPYEH
                        url: https://storage.googleapis.com/incident-io/images/...
                    last_edited_at: '2026-05-28T15:35:00Z'
                    updated_at: '2026-05-28T15:35:00Z'
                pagination_meta:
                  after: 01FCNDV6P870EA6S7TK1DSYDG0
                  page_size: 25
              schema:
                $ref: '#/components/schemas/AlertNotesListResultV1'
          description: OK response.
components:
  schemas:
    AlertNotesListResultV1:
      example:
        alert_notes:
          - content: >
              Customer reports **checkout 500s** starting ~14:32 UTC.
              Investigating `payments-api`.


              - Error rate: ~12% on `/checkout`

              - Region: `eu-west-1`

              - See [dashboard](https://grafana.example.com/d/abc)
            created_at: '2026-05-28T15:30:00Z'
            creator:
              api_key:
                id: 01FCNDV6P870EA6S7TK1DSYDG0
                name: My test API key
              user:
                email: lisa@incident.io
                id: 01FCNDV6P870EA6S7TK1DSYDG0
                name: Lisa Karlin Curtis
                role: viewer
                slack_user_id: U02AYNF2XJM
            id: 01J1X9J85C7Y12G8P8W8K55Q5Y
            images:
              - id: 01G0J1EXE7AXZ2C93K61WBPYEH
                url: https://storage.googleapis.com/incident-io/images/...
            last_edited_at: '2026-05-28T15:35:00Z'
            updated_at: '2026-05-28T15:35:00Z'
        pagination_meta:
          after: 01FCNDV6P870EA6S7TK1DSYDG0
          page_size: 25
      properties:
        alert_notes:
          example:
            - content: >
                Customer reports **checkout 500s** starting ~14:32 UTC.
                Investigating `payments-api`.


                - Error rate: ~12% on `/checkout`

                - Region: `eu-west-1`

                - See [dashboard](https://grafana.example.com/d/abc)
              created_at: '2026-05-28T15:30:00Z'
              creator:
                api_key:
                  id: 01FCNDV6P870EA6S7TK1DSYDG0
                  name: My test API key
                user:
                  email: lisa@incident.io
                  id: 01FCNDV6P870EA6S7TK1DSYDG0
                  name: Lisa Karlin Curtis
                  role: viewer
                  slack_user_id: U02AYNF2XJM
              id: 01J1X9J85C7Y12G8P8W8K55Q5Y
              images:
                - id: 01G0J1EXE7AXZ2C93K61WBPYEH
                  url: https://storage.googleapis.com/incident-io/images/...
              last_edited_at: '2026-05-28T15:35:00Z'
              updated_at: '2026-05-28T15:35:00Z'
          items:
            $ref: '#/components/schemas/AlertNoteV1'
          type: array
        pagination_meta:
          $ref: '#/components/schemas/PaginationMetaResultV1'
      required:
        - alert_notes
        - pagination_meta
      type: object
    AlertNoteV1:
      properties:
        content:
          description: Markdown body of the note
          example: >
            Customer reports **checkout 500s** starting ~14:32 UTC.
            Investigating `payments-api`.


            - Error rate: ~12% on `/checkout`

            - Region: `eu-west-1`

            - See [dashboard](https://grafana.example.com/d/abc)
          type: string
        created_at:
          description: When this note was first created
          example: '2026-05-28T15:30:00Z'
          format: date-time
          type: string
        creator:
          $ref: '#/components/schemas/ActorV1'
        id:
          description: Unique identifier for the alert note
          example: 01J1X9J85C7Y12G8P8W8K55Q5Y
          type: string
        images:
          description: >-
            Images attached to the current version of the note, with signed URLs
            valid for 10 minutes
          example:
            - id: 01G0J1EXE7AXZ2C93K61WBPYEH
              url: https://storage.googleapis.com/incident-io/images/...
          items:
            $ref: '#/components/schemas/ImageV1'
          type: array
        last_edited_at:
          description: >-
            When this note was last edited, only set if it has been edited at
            least once since creation
          example: '2026-05-28T15:35:00Z'
          format: date-time
          type: string
        updated_at:
          description: When this note was last updated
          example: '2026-05-28T15:35:00Z'
          format: date-time
          type: string
      required:
        - id
        - content
        - creator
        - images
        - created_at
        - updated_at
      type: object
    PaginationMetaResultV1:
      example:
        after: 01FCNDV6P870EA6S7TK1DSYDG0
        page_size: 25
      properties:
        after:
          description: If provided, pass this as the 'after' param to load the next page
          example: 01FCNDV6P870EA6S7TK1DSYDG0
          type: string
        page_size:
          default: 25
          description: What was the maximum number of results requested
          example: 25
          format: int64
          maximum: 250
          type: integer
      required:
        - page_size
      type: object
    ActorV1:
      example:
        api_key:
          id: 01FCNDV6P870EA6S7TK1DSYDG0
          name: My test API key
        user:
          email: lisa@incident.io
          id: 01FCNDV6P870EA6S7TK1DSYDG0
          name: Lisa Karlin Curtis
          role: viewer
          slack_user_id: U02AYNF2XJM
      properties:
        api_key:
          $ref: '#/components/schemas/APIKeyActorV1'
        user:
          $ref: '#/components/schemas/UserV1'
      type: object
    ImageV1:
      example:
        id: 01G0J1EXE7AXZ2C93K61WBPYEH
        url: https://storage.googleapis.com/incident-io/images/...
      properties:
        id:
          description: Unique identifier for the image
          example: 01G0J1EXE7AXZ2C93K61WBPYEH
          type: string
        url:
          description: Pre-signed URL to fetch the image, valid for 10 minutes
          example: https://storage.googleapis.com/incident-io/images/...
          type: string
      required:
        - id
        - url
      type: object
    APIKeyActorV1:
      example:
        id: 01FCNDV6P870EA6S7TK1DSYDG0
        name: My test API key
      properties:
        id:
          description: Unique identifier for this API key
          example: 01FCNDV6P870EA6S7TK1DSYDG0
          type: string
        name:
          description: The name of the API key, for the user's reference
          example: My test API key
          type: string
      required:
        - id
        - name
      type: object
    UserV1:
      example:
        email: lisa@incident.io
        id: 01FCNDV6P870EA6S7TK1DSYDG0
        name: Lisa Karlin Curtis
        role: viewer
        slack_user_id: U02AYNF2XJM
      properties:
        email:
          description: Email address of the user.
          example: lisa@incident.io
          type: string
        id:
          description: Unique identifier of the user
          example: 01FCNDV6P870EA6S7TK1DSYDG0
          type: string
        name:
          description: Name of the user
          example: Lisa Karlin Curtis
          type: string
        role:
          description: >-
            DEPRECATED: Role of the user as of March 9th 2023, this value is no
            longer updated.
          enum:
            - viewer
            - responder
            - administrator
            - owner
            - unset
          example: viewer
          type: string
        slack_user_id:
          description: Slack ID of the user
          example: U02AYNF2XJM
          type: string
      required:
        - role
        - id
        - name
      type: object
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      description: API key from your incident.io dashboard (Settings → API keys)

````