> ## Documentation Index
> Fetch the complete documentation index at: https://docs.incident.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Attach

> Link an externally-hosted post-mortem document to an incident.

Use this to attach a retrospective document you've created in your own provider (for example
Confluence, Notion, or Google Docs) to an existing incident. This is the API equivalent of
pasting a document link into the incident.io dashboard, and is useful for automating your
retrospective workflow - for example, creating a document in the right space with the right
permissions when an incident is opened, then linking it back to the incident.

Only one external post-mortem can be attached to an incident, and you cannot attach an external
document to an incident that already has an in-app post-mortem. Re-attaching the same incident
with a new permalink updates the existing link.


🔑 Requires the `external_postmortems.create` scope.


## OpenAPI

````yaml /openapi/tags/postmortemdocuments-v1.json post /v1/postmortem_documents/actions/attach
openapi: 3.0.3
info:
  description: "This is the API reference for incident.io.\n\nIt documents available API endpoints, provides examples of how to use it, and\ninstructions around things like authentication and error handling.\n\nThe API is hosted at:\n\n- https://api.incident.io/\n\nAnd you will need to create an API key via your [incident.io\ndashboard](https://app.incident.io/settings/api-keys) to make requests.\n\n# Making requests\n\nHere are the key concepts required to make requests to the incident.io API.\n\n## Authentication\n\nFor all requests made to the incident.io API, you'll need an API key.\n\nTo create an API key, head to the incident dashboard and visit [API\nkeys](https://app.incident.io/settings/api-keys). When you create the key, you'll be able to choose what actions it\ncan take for your account: choose carefully, as those roles can only be set\nwhen you first create the key. We'll only show you the token once, so make sure\nyou store it somewhere safe.\n\nAPI keys are global to your incident.io account, and can be managed by anyone\nwho has the right permissions. We display the user that created the API key,\nand the API key will remain valid if that user becomes deactivated.\n\nOnce you have the key, you should make requests to the API that set the\n`Authorization` request header using a \"Bearer\" authentication scheme:\n\n```\nAuthorization: Bearer <YOUR_API_KEY>\n```\n\n## Rate Limits\n\nThe incident.io API enforces rate limits to ensure consistent performance for all users.\n\nThe default rate limit is 1200 requests/minute per API key. This limit applies to most endpoints across the API.\n\nSome endpoints have lower rate limits, particularly those that interact with external third-party systems that impose\ntheir own limitations. These specific limits vary by endpoint, and we recommend relying on the rate-limit error\nresponses to understand usage patterns and implement appropriate retry strategies.\n\nWhen you exceed a rate limit, the API will respond with a `429 Too Many Requests` status code, along with a JSON\nresponse that includes information about the limit and when you can retry:\n\n```json\n{\n    \"type\": \"too_many_requests\",\n    \"status\": 429,\n    \"request_id\": \"b839a403-7704-41c1-bf6a-39a2d68caefa\",\n    \"rate_limit\": {\n        \"name\": \"api_key_name\",\n        \"limit\": 1200,\n        \"remaining\": 0,\n        \"retry_after\": \"Thu, 17 Apr 2025 11:17:18 UTC\"\n    },\n    \"errors\": [\n        {\n            \"code\": \"too_many_requests\",\n            \"message\": \"Too many requests hit the API too quickly. We recommend an exponential backoff of your requests.\"\n        }\n    ]\n}\n```\n\nThe response includes:\n* The name of the API key (`name`)\n* The bucket limit (`limit`)\n* The number of requests remaining (`remaining`)\n* When you can retry requests (`retry_after`)\n\n## Errors\n\nWe use standard HTTP response codes to indicate the status or failure of API\nrequests.\n\nThe API response body will be JSON, and contain more detailed information on the\nnature of the error.\n\nAn example error when a request is made without an API key:\n\n```json\n{\n  \"type\": \"authentication_error\",\n  \"status\": 401,\n  \"request_id\": \"8e3cc412-b49d-4957-9073-2c19d2c61804\",\n  \"errors\": [\n    {\n      \"code\": \"missing_authorization_material\",\n      \"message\": \"No authorization material provided in request\"\n    }\n  ]\n}\n```\n\nNote that the error:\n\n- Contains the HTTP status (`401`)\n- References the type of error (`authentication_error`)\n- Includes a `request_id` that can be provided to incident.io support to help\n\tdebug questions with your API request\n- Provides a list of individual errors, which go into detail about why the error\n\toccurred\n\nThe most common error will be a 422 Validation Error, which is returned when the\nrequest was rejected due to failing validations.\n\nThese errors look like this:\n\n```json\n{\n  \"type\": \"validation_error\",\n  \"status\": 422,\n  \"request_id\": \"631766c4-4afd-4803-997c-cd700928fa4b\",\n  \"errors\": [\n    {\n      \"code\": \"is_required\",\n      \"message\": \"A severity is required to open an incident\",\n      \"source\": {\n        \"field\": \"severity_id\"\n      }\n    }\n  ]\n}\n```\n\nThis error is caused by not providing a severity identifier, which should be at\nthe `severity_id` field of the request payload. Errors like these can be mapped to\nforms, should you be integrating with the API from a user-interface.\n\n## Compatibility\n\nWe won't make breaking changes to existing API services or endpoints, but will\nexpect integrators to upgrade themselves to the latest API endpoints within 3\nmonths of us deprecating the old service.\n\nWe will make changes that are considered backwards compatible, which include:\n\n- Adding new API endpoints and services\n- Adding new properties to responses from existing API endpoints\n- Reordering properties returned from existing API endpoints\n- Adding optional request parameters to existing API endpoints\n- Altering the format or length of IDs\n- Adding new values to enums\n\nIt is important that clients are robust to these changes, to ensure reliable\nintegrations.\n\nAs an example, if you are generating a client using an openapi-generator, ensure\nthe generated client is configured to support unknown enum values, often\nconfigured via the `enumUnknownDefaultCase` parameter.\n\nWhen breaking changes are unavoidable, we'll create a new service version on a\nseparate path, and run them in parallel.\n\nFor example:\n\n- https://api.incident.io/v1/incidents\n- https://api.incident.io/v2/incidents\n\nFor any questions, email support@incident.io.\n"
  title: incident.io
  version: 1.0.0
servers:
  - url: https://api.incident.io
security:
  - BearerAuth: []
tags:
  - description: >
      Manage post-mortem documents.


      Post-mortem documents capture the learnings from an incident, and are
      associated with a specific

      incident. Use this API to list and retrieve post-mortem documents, update
      their status, and fetch

      the full document's content.
    name: PostmortemDocuments V1
paths:
  /v1/postmortem_documents/actions/attach:
    post:
      tags:
        - PostmortemDocuments V1
      summary: Attach
      description: >
        Link an externally-hosted post-mortem document to an incident.


        Use this to attach a retrospective document you've created in your own
        provider (for example

        Confluence, Notion, or Google Docs) to an existing incident. This is the
        API equivalent of

        pasting a document link into the incident.io dashboard, and is useful
        for automating your

        retrospective workflow - for example, creating a document in the right
        space with the right

        permissions when an incident is opened, then linking it back to the
        incident.


        Only one external post-mortem can be attached to an incident, and you
        cannot attach an external

        document to an incident that already has an in-app post-mortem.
        Re-attaching the same incident

        with a new permalink updates the existing link.
      operationId: PostmortemDocuments V1_Attach
      requestBody:
        content:
          application/json:
            example:
              document_provider: notion
              incident_id: 01GBA8J19SMXQWPJMX3P2ESCVG
              permalink: https://www.notion.so/INC-123-database-is-sad
            schema:
              $ref: '#/components/schemas/PostmortemDocumentsAttachPayloadV1'
        required: true
      responses:
        '201':
          content:
            application/json:
              example:
                postmortem_document:
                  created_at: '2021-08-17T13:28:57.801578Z'
                  document_url: >-
                    https://app.incident.io/my-org/incidents/123/post-mortems/01GDZEW57FDA1K4S63MGMQ5DS9
                  editors:
                    - email: lisa@incident.io
                      id: 01FCNDV6P870EA6S7TK1DSYDG0
                      name: Lisa Karlin Curtis
                      role: viewer
                      slack_user_id: U02AYNF2XJM
                  exported_urls:
                    - https://www.notion.so/INC-123-sad-database
                    - https://docs.google.com/document/d/1234
                  id: 01GDZEW57FDA1K4S63MGMQ5DS9
                  incident_id: 01GBA8J19SMXQWPJMX3P2ESCVG
                  status: in_progress
                  title: 'INC-123: Database is sad'
                  type: in_app
                  updated_at: abc123
              schema:
                $ref: '#/components/schemas/PostmortemDocumentsAttachResultV1'
          description: Created response.
components:
  schemas:
    PostmortemDocumentsAttachPayloadV1:
      example:
        document_provider: notion
        incident_id: 01GBA8J19SMXQWPJMX3P2ESCVG
        permalink: https://www.notion.so/INC-123-database-is-sad
      properties:
        document_provider:
          description: >-
            The provider hosting the document. Set this when it can't be
            inferred from the permalink so the link renders correctly.
          enum:
            - ''
            - confluence
            - google_docs
            - notion
            - sharepoint
            - incident_io
            - copy_paste_basecamp
            - copy_paste_confluence
            - copy_paste_github_wiki
            - copy_paste_google_docs
            - copy_paste_notion
            - copy_paste_quip
          example: notion
          type: string
        incident_id:
          description: >-
            The unique identifier of the incident to attach the post-mortem
            document to
          example: 01GBA8J19SMXQWPJMX3P2ESCVG
          type: string
        permalink:
          description: A URL pointing to the externally-hosted post-mortem document
          example: https://www.notion.so/INC-123-database-is-sad
          type: string
      required:
        - incident_id
        - permalink
      type: object
    PostmortemDocumentsAttachResultV1:
      example:
        postmortem_document:
          created_at: '2021-08-17T13:28:57.801578Z'
          document_url: >-
            https://app.incident.io/my-org/incidents/123/post-mortems/01GDZEW57FDA1K4S63MGMQ5DS9
          editors:
            - email: lisa@incident.io
              id: 01FCNDV6P870EA6S7TK1DSYDG0
              name: Lisa Karlin Curtis
              role: viewer
              slack_user_id: U02AYNF2XJM
          exported_urls:
            - https://www.notion.so/INC-123-sad-database
            - https://docs.google.com/document/d/1234
          id: 01GDZEW57FDA1K4S63MGMQ5DS9
          incident_id: 01GBA8J19SMXQWPJMX3P2ESCVG
          status: in_progress
          title: 'INC-123: Database is sad'
          type: in_app
          updated_at: abc123
      properties:
        postmortem_document:
          $ref: '#/components/schemas/PostmortemDocumentV1'
      required:
        - postmortem_document
      type: object
    PostmortemDocumentV1:
      properties:
        created_at:
          description: Timestamp for when the document was created
          example: '2021-08-17T13:28:57.801578Z'
          format: date-time
          type: string
        document_url:
          description: A URL to view the post-mortem document in the incident.io dashboard
          example: >-
            https://app.incident.io/my-org/incidents/123/post-mortems/01GDZEW57FDA1K4S63MGMQ5DS9
          type: string
        editors:
          description: The list of users who have edited this post-mortem document
          example:
            - email: lisa@incident.io
              id: 01FCNDV6P870EA6S7TK1DSYDG0
              name: Lisa Karlin Curtis
              role: viewer
              slack_user_id: U02AYNF2XJM
          items:
            $ref: '#/components/schemas/UserV1'
          type: array
        exported_urls:
          description: URLs of any external locations this document has been exported to
          example:
            - https://www.notion.so/INC-123-sad-database
            - https://docs.google.com/document/d/1234
          items:
            example: abc123
            type: string
          type: array
        id:
          description: Unique identifier for the post-mortem document
          example: 01GDZEW57FDA1K4S63MGMQ5DS9
          type: string
        incident_id:
          description: >-
            The unique identifier of the incident that this post-mortem document
            belongs to
          example: 01GBA8J19SMXQWPJMX3P2ESCVG
          type: string
        status:
          description: The current status of this post-mortem document
          enum:
            - in_progress
            - in_review
            - completed
          example: in_progress
          type: string
        title:
          description: The display title of the post-mortem document
          example: 'INC-123: Database is sad'
          type: string
        type:
          description: >-
            Whether this is a native incident.io post-mortem or one hosted in an
            external provider
          enum:
            - in_app
            - external
          example: in_app
          type: string
        updated_at:
          description: Timestamp for when the document was last updated
          example: abc123
          type: string
      required:
        - id
        - incident_id
        - title
        - status
        - created_at
        - updated_at
        - document_url
        - exported_urls
        - editors
        - type
      type: object
    UserV1:
      example:
        email: lisa@incident.io
        id: 01FCNDV6P870EA6S7TK1DSYDG0
        name: Lisa Karlin Curtis
        role: viewer
        slack_user_id: U02AYNF2XJM
      properties:
        email:
          description: Email address of the user.
          example: lisa@incident.io
          type: string
        id:
          description: Unique identifier of the user
          example: 01FCNDV6P870EA6S7TK1DSYDG0
          type: string
        name:
          description: Name of the user
          example: Lisa Karlin Curtis
          type: string
        role:
          description: >-
            DEPRECATED: Role of the user as of March 9th 2023, this value is no
            longer updated.
          enum:
            - viewer
            - responder
            - administrator
            - owner
            - unset
          example: viewer
          type: string
        slack_user_id:
          description: Slack ID of the user
          example: U02AYNF2XJM
          type: string
      required:
        - role
        - id
        - name
      type: object
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      description: API key from your incident.io dashboard (Settings → API keys)

````