> ## Documentation Index > Fetch the complete documentation index at: https://docs.incident.io/llms.txt > Use this file to discover all available pages before exploring further. # List > List all incident attachments for a given external resource or incident. You must provide either a specific incident ID or a specific external resource type and external ID. ## OpenAPI ````yaml /openapi/tags/incident-attachments-v1.json get /v1/incident_attachments openapi: 3.0.3 info: description: "This is the API reference for incident.io.\n\nIt documents available API endpoints, provides examples of how to use it, and\ninstructions around things like authentication and error handling.\n\nThe API is hosted at:\n\n- https://api.incident.io/\n\nAnd you will need to create an API key via your [incident.io\ndashboard](https://app.incident.io/settings/api-keys) to make requests.\n\n# Making requests\n\nHere are the key concepts required to make requests to the incident.io API.\n\n## Authentication\n\nFor all requests made to the incident.io API, you'll need an API key.\n\nTo create an API key, head to the incident dashboard and visit [API\nkeys](https://app.incident.io/settings/api-keys). When you create the key, you'll be able to choose what actions it\ncan take for your account: choose carefully, as those roles can only be set\nwhen you first create the key. We'll only show you the token once, so make sure\nyou store it somewhere safe.\n\nAPI keys are global to your incident.io account, and can be managed by anyone\nwho has the right permissions. We display the user that created the API key,\nand the API key will remain valid if that user becomes deactivated.\n\nOnce you have the key, you should make requests to the API that set the\n`Authorization` request header using a \"Bearer\" authentication scheme:\n\n```\nAuthorization: Bearer \n```\n\n## Rate Limits\n\nThe incident.io API enforces rate limits to ensure consistent performance for all users.\n\nThe default rate limit is 1200 requests/minute per API key. This limit applies to most endpoints across the API.\n\nSome endpoints have lower rate limits, particularly those that interact with external third-party systems that impose\ntheir own limitations. These specific limits vary by endpoint, and we recommend relying on the rate-limit error\nresponses to understand usage patterns and implement appropriate retry strategies.\n\nWhen you exceed a rate limit, the API will respond with a `429 Too Many Requests` status code, along with a JSON\nresponse that includes information about the limit and when you can retry:\n\n```json\n{\n \"type\": \"too_many_requests\",\n \"status\": 429,\n \"request_id\": \"b839a403-7704-41c1-bf6a-39a2d68caefa\",\n \"rate_limit\": {\n \"name\": \"api_key_name\",\n \"limit\": 1200,\n \"remaining\": 0,\n \"retry_after\": \"Thu, 17 Apr 2025 11:17:18 UTC\"\n },\n \"errors\": [\n {\n \"code\": \"too_many_requests\",\n \"message\": \"Too many requests hit the API too quickly. We recommend an exponential backoff of your requests.\"\n }\n ]\n}\n```\n\nThe response includes:\n* The name of the API key (`name`)\n* The bucket limit (`limit`)\n* The number of requests remaining (`remaining`)\n* When you can retry requests (`retry_after`)\n\n## Errors\n\nWe use standard HTTP response codes to indicate the status or failure of API\nrequests.\n\nThe API response body will be JSON, and contain more detailed information on the\nnature of the error.\n\nAn example error when a request is made without an API key:\n\n```json\n{\n \"type\": \"authentication_error\",\n \"status\": 401,\n \"request_id\": \"8e3cc412-b49d-4957-9073-2c19d2c61804\",\n \"errors\": [\n {\n \"code\": \"missing_authorization_material\",\n \"message\": \"No authorization material provided in request\"\n }\n ]\n}\n```\n\nNote that the error:\n\n- Contains the HTTP status (`401`)\n- References the type of error (`authentication_error`)\n- Includes a `request_id` that can be provided to incident.io support to help\n\tdebug questions with your API request\n- Provides a list of individual errors, which go into detail about why the error\n\toccurred\n\nThe most common error will be a 422 Validation Error, which is returned when the\nrequest was rejected due to failing validations.\n\nThese errors look like this:\n\n```json\n{\n \"type\": \"validation_error\",\n \"status\": 422,\n \"request_id\": \"631766c4-4afd-4803-997c-cd700928fa4b\",\n \"errors\": [\n {\n \"code\": \"is_required\",\n \"message\": \"A severity is required to open an incident\",\n \"source\": {\n \"field\": \"severity_id\"\n }\n }\n ]\n}\n```\n\nThis error is caused by not providing a severity identifier, which should be at\nthe `severity_id` field of the request payload. Errors like these can be mapped to\nforms, should you be integrating with the API from a user-interface.\n\n## Compatibility\n\nWe won't make breaking changes to existing API services or endpoints, but will\nexpect integrators to upgrade themselves to the latest API endpoints within 3\nmonths of us deprecating the old service.\n\nWe will make changes that are considered backwards compatible, which include:\n\n- Adding new API endpoints and services\n- Adding new properties to responses from existing API endpoints\n- Reordering properties returned from existing API endpoints\n- Adding optional request parameters to existing API endpoints\n- Altering the format or length of IDs\n- Adding new values to enums\n\nIt is important that clients are robust to these changes, to ensure reliable\nintegrations.\n\nAs an example, if you are generating a client using an openapi-generator, ensure\nthe generated client is configured to support unknown enum values, often\nconfigured via the `enumUnknownDefaultCase` parameter.\n\nWhen breaking changes are unavoidable, we'll create a new service version on a\nseparate path, and run them in parallel.\n\nFor example:\n\n- https://api.incident.io/v1/incidents\n- https://api.incident.io/v2/incidents\n\nFor any questions, email support@incident.io.\n" title: incident.io version: 1.0.0 servers: - url: https://api.incident.io security: - BearerAuth: [] tags: - description: > Create, list and delete incident attachments. Incident Attachments allows you to connect resources from external systems into incidents. Examples include: PagerDuty incidents and GitHub pull requests. name: Incident Attachments V1 paths: /v1/incident_attachments: get: tags: - Incident Attachments V1 summary: List description: >- List all incident attachments for a given external resource or incident. You must provide either a specific incident ID or a specific external resource type and external ID. operationId: Incident Attachments V1_List parameters: - allowEmptyValue: true description: Incident that this attachment is against example: 01G0J1EXE7AXZ2C93K61WBPYEH in: query name: incident_id schema: description: Incident that this attachment is against example: 01G0J1EXE7AXZ2C93K61WBPYEH type: string - allowEmptyValue: true description: ID of the resource in the external system example: '123' in: query name: external_id schema: description: ID of the resource in the external system example: '123' type: string - allowEmptyValue: true description: 'E.g. PagerDuty: the external system that holds the resource' examples: default: summary: default value: pager_duty_incident in: query name: resource_type schema: description: 'E.g. PagerDuty: the external system that holds the resource' enum: - pager_duty_incident - opsgenie_alert - datadog_monitor_alert - github_pull_request - gitlab_merge_request - sentry_issue - jira_issue - jsm_alert - atlassian_statuspage_incident - zendesk_ticket - google_calendar_event - outlook_calendar_event - slack_file - salesforce_case - scrubbed - statuspage_incident example: pager_duty_incident type: string responses: '200': content: application/json: example: incident_attachments: - id: 01FCNDV6P870EA6S7TK1DSYD5H incident_id: 01FCNDV6P870EA6S7TK1DSYD5H resource: external_id: '123' permalink: https://my.pagerduty.com/incidents/ABC resource_type: pager_duty_incident title: The database has gone down schema: $ref: '#/components/schemas/IncidentAttachmentsListResultV1' description: OK response. components: schemas: IncidentAttachmentsListResultV1: example: incident_attachments: - id: 01FCNDV6P870EA6S7TK1DSYD5H incident_id: 01FCNDV6P870EA6S7TK1DSYD5H resource: external_id: '123' permalink: https://my.pagerduty.com/incidents/ABC resource_type: pager_duty_incident title: The database has gone down properties: incident_attachments: example: - id: 01FCNDV6P870EA6S7TK1DSYD5H incident_id: 01FCNDV6P870EA6S7TK1DSYD5H resource: external_id: '123' permalink: https://my.pagerduty.com/incidents/ABC resource_type: pager_duty_incident title: The database has gone down items: $ref: '#/components/schemas/IncidentAttachmentV1' type: array required: - incident_attachments type: object IncidentAttachmentV1: properties: id: description: Unique identifier of this incident membership example: 01FCNDV6P870EA6S7TK1DSYD5H type: string incident_id: description: Unique identifier of the incident example: 01FCNDV6P870EA6S7TK1DSYD5H type: string resource: $ref: '#/components/schemas/ExternalResourceV1' required: - id - incident_id - resource type: object ExternalResourceV1: example: external_id: '123' permalink: https://my.pagerduty.com/incidents/ABC resource_type: pager_duty_incident title: The database has gone down properties: external_id: description: ID of the resource in the external system example: '123' type: string permalink: description: URL of the resource example: https://my.pagerduty.com/incidents/ABC type: string resource_type: description: 'E.g. PagerDuty: the external system that holds the resource' enum: - pager_duty_incident - opsgenie_alert - datadog_monitor_alert - github_pull_request - gitlab_merge_request - sentry_issue - jira_issue - jsm_alert - atlassian_statuspage_incident - zendesk_ticket - google_calendar_event - outlook_calendar_event - slack_file - salesforce_case - scrubbed - statuspage_incident example: pager_duty_incident type: string title: description: Title of resource example: The database has gone down type: string required: - permalink - external_id - title - resource_type type: object securitySchemes: BearerAuth: type: http scheme: bearer description: API key from your incident.io dashboard (Settings → API keys) ````