API Quick Start
Prerequisites
Before making API calls you need a StackFlow account and your instance URL. If you have not yet been provisioned, ask your StackFlow administrator to create your account in Admin → Users.
| Requirement | Value |
|---|---|
| Instance URL | https://<your-instance>.stackflow-tech.com |
| Cognito Hosted UI | https://stackflow-identity-373544523367.auth.us-east-1.amazoncognito.com |
| App Client ID | 570cnagpgoochn29a113du6jnt |
| Auth: ID Token header | Authorization: Bearer <id_token> |
Step 1: Get Your Token
The simplest way to get a token for testing is to log into the StackFlow portal, open the browser DevTools (F12), go to Application → Local Storage, and copy the stackflow_id_token value. For automated scripts use the Cognito API:
# Using AWS CLI with USER_PASSWORD_AUTH (for development only)
aws cognito-idp initiate-auth --auth-flow USER_PASSWORD_AUTH --client-id 570cnagpgoochn29a113du6jnt --auth-parameters USERNAME=your@email.com,PASSWORD=YourPassword --region us-east-1 --query "AuthenticationResult.IdToken" --output text
# Store as env var
export TOKEN=$(aws cognito-idp initiate-auth --auth-flow USER_PASSWORD_AUTH --client-id 570cnagpgoochn29a113du6jnt --auth-parameters USERNAME=your@email.com,PASSWORD=YourPassword --region us-east-1 --query "AuthenticationResult.IdToken" --output text)
USER_PASSWORD_AUTH for dev only: The USER_PASSWORD_AUTH flow requires the flow to be enabled on the App Client. For production automations use the client credentials flow with a service account. Never hardcode credentials in scripts.
Step 2: Make Your First Call
# Health check (no auth required)
curl https://your-instance.stackflow-tech.com/prod/api/health
# {"status":"healthy","version":"2026.1","region":"us-east-1"}
# First authenticated call — list incidents
curl -H "Authorization: Bearer $TOKEN" "https://your-instance.stackflow-tech.com/prod/api/incidents?limit=5"{
"data": [
{
"id": "INC0001234",
"short_description": "Database timeout in prod",
"priority": "P2",
"state": "in_progress",
"assigned_to": "jane.doe@example.com",
"created_at": "2026-05-19T14:30:00Z"
}
],
"total": 1,
"page": 1,
"limit": 5,
"has_more": false
}Step 3: Create an Incident
curl -X POST https://your-instance.stackflow-tech.com/prod/api/incidents -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d '{
"short_description": "API gateway 502 errors spike",
"priority": "P1",
"category": "network",
"subcategory": "api_gateway",
"assignment_group": "Platform Engineering",
"description": "Seeing 20% 502 error rate on /prod/api/* since 14:45 UTC"
}'{
"id": "INC0001235",
"number": "INC0001235",
"short_description": "API gateway 502 errors spike",
"priority": "P1",
"state": "new",
"category": "network",
"assignment_group": "Platform Engineering",
"created_at": "2026-05-19T14:55:00Z",
"sla_breach_at": "2026-05-19T15:55:00Z"
}Step 4: Parse the Response
Use jq to extract specific fields from API responses:
# Get incident IDs and priorities
curl -s -H "Authorization: Bearer $TOKEN" "https://your-instance.stackflow-tech.com/prod/api/incidents?state=new" | jq '.data[] | {id: .id, priority: .priority, desc: .short_description}'
# Get total count of open P1 incidents
curl -s -H "Authorization: Bearer $TOKEN" "https://your-instance.stackflow-tech.com/prod/api/incidents?priority=P1&state=new&limit=1" | jq '.total'Quick Start — Python
import requests
import boto3
# 1. Get ID token from Cognito
cognito = boto3.client('cognito-idp', region_name='us-east-1')
auth = cognito.initiate_auth(
AuthFlow='USER_PASSWORD_AUTH',
AuthParameters={'USERNAME': 'you@example.com', 'PASSWORD': 'YourPassword'},
ClientId='570cnagpgoochn29a113du6jnt'
)
id_token = auth['AuthenticationResult']['IdToken']
# 2. Set up session
BASE_URL = "https://your-instance.stackflow-tech.com/prod/api"
session = requests.Session()
session.headers.update({"Authorization": f"Bearer {id_token}"})
# 3. List open P1 incidents
resp = session.get(f"{BASE_URL}/incidents", params={"priority": "P1", "state": "new"})
resp.raise_for_status()
incidents = resp.json()
print(f"Open P1 incidents: {incidents['total']}")
# 4. Create an incident
new_inc = session.post(f"{BASE_URL}/incidents", json={
"short_description": "Memory leak on app-server-03",
"priority": "P2",
"category": "server",
"assignment_group": "Platform Engineering"
})
print(f"Created: {new_inc.json()['id']}")Quick Start — Node.js
const {
CognitoIdentityProviderClient,
InitiateAuthCommand
} = require("@aws-sdk/client-cognito-identity-provider");
async function getToken() {
const client = new CognitoIdentityProviderClient({ region: "us-east-1" });
const resp = await client.send(new InitiateAuthCommand({
AuthFlow: "USER_PASSWORD_AUTH",
ClientId: "570cnagpgoochn29a113du6jnt",
AuthParameters: { USERNAME: "you@example.com", PASSWORD: "YourPassword" }
}));
return resp.AuthenticationResult.IdToken;
}
async function main() {
const token = await getToken();
const BASE = "https://your-instance.stackflow-tech.com/prod/api";
const headers = { "Authorization": `Bearer ${token}`, "Content-Type": "application/json" };
// List incidents
const list = await fetch(`${BASE}/incidents?limit=10`, { headers });
const data = await list.json();
console.log(`Total incidents: ${data.total}`);
// Create incident
const create = await fetch(`${BASE}/incidents`, {
method: "POST", headers,
body: JSON.stringify({
short_description: "Redis connection pool exhausted",
priority: "P2", category: "database"
})
});
const inc = await create.json();
console.log(`Created: ${inc.id}`);
}
main();Next Steps
You have made your first authenticated API call. Explore the full API surface:
| Page | What You'll Learn |
|---|---|
| Incidents API | Full CRUD, work notes, bulk operations |
| Authentication | Production token flows, client credentials, API keys |
| Rate Limits & Errors | Throttle limits, error codes, retry strategies |
| SDK & Examples | Python SDK wrapper, Postman collection |