Squadcast

Number of APIs: 214

The Squadcast API provides developers the capability to extend and utilize Squadcast in conjunction with other services. Our API has resource-oriented URLs, accepts JSON-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.

Note: Customers using the V2 version of the Squadcast API would need to migrate to Squadcast API V3, as the former would be deprecated shortly.

Squadcast allows customers to choose the geographic region of the Squadcast data centers that host their account. When signing up, you can choose the service region. Currently, the available options are the United States (US) and Europe (EU).

Each service region has its own URLs for API endpoints, please use the links below.

Service RegionAPI Endpoints
EUAuthentication : https://auth.eu.squadcast.com
Other APIs: https://api.eu.squadcast.com
USAuthentication : https://auth.squadcast.com
Other APIs: https://api.squadcast.com

Authentication

In order to access the API programatically, HTTP bearer authentication needs to be used. HTTP bearer authentication must be constructed using an access_token, passed as the Authorization header for each request, for example Authorization: Bearer eyJleHAiOjE2MzU1OTE1OTIsImp0aSI6Im. Steps to procure the access_token:

  1. First of all, generate a refresh_token aka API Token from the Squadcast web app.
    More details on how to get the refresh_token can be found here.
  2. Every API call needs to be authenticated using an access_token which is generated from our authentication API from the refresh_token.
  3. Then generate an access_token, by calling our authentication API with the refresh_token obtained after performing the previous step, to successfully access API our APIs.

An access_token can be generated after updating the X-Refresh-Token header with the procured refresh_token and then running the following command in the terminal.

curl --location --request GET 'https://auth.squadcast.com/oauth/access-token' \
--header 'X-Refresh-Token: 0d2a1a9a454dxxxxxxxxxxxx'

The API response would look similar to the content below:

{
    "data": {
        "access_token": "eyJhbGciOiJIUxxxxx.xxxxxxxxxxxxxxx.xxxxxxxxxxxxxxx",
        "expires_at": 1587412870,
        "issued_at": 1587240070,
        "refresh_token": "0d2a1a9a454dxxxxxxxxxxxx",
        "token_type": "bearer"
    }
}

Access Control

There are three different types of user roles in Squadcast: account_owner, stakeholder, and user. Refresh tokens upon creation are mapped with one of the mentioned user roles, and access to different resources is dependent on the permissions granted to these roles. For more information, please refer our support documentation.

Authorization

The access token authorizes users the ability to access different APIs, based on the user roles described in the section above.

  1. Incidents-Runbooks - Attach Runbooks POST {{baseUrl}}/incidents/:IncidentId/runbooks

  2. Incidents-Notes - Create Notes POST https://api.squadcast.com/v3/incidents/:IncidentId/warroom

  3. OAuth - Access Token GET https://auth.squadcast.com/oauth/access-token

  4. Incidents-Postmortems - Get All Postmortems GET {{baseUrl}}/incidents/postmortem?fromDate=2021-12-01T10:30:14.52Z&toDate=2022-03-01T10:30:14.52Z&owner_id=<string>

  5. Incidents-Postmortems - Get Postmortem By Incident GET {{baseUrl}}/incidents/:incidentID/postmortem

  6. Incidents-Postmortems - Create Postmortem POST {{baseUrl}}/incidents/:incidentID/postmortem

  7. Incidents-Postmortems - Update Postmortem By Incident PUT {{baseUrl}}/incidents/:incidentID/postmortem

  8. Incidents-Postmortems - Delete Postmortem By Incident DELETE {{baseUrl}}/incidents/:incidentID/postmortem

  9. Incidents-Notes - Update Note PUT {{baseUrl}}/incidents/:IncidentId/warroom/:NoteId

  10. Incidents-Notes - Get All Notes GET {{baseUrl}}/incidents/:IncidentId/warroom