Atlassian OpsGenie
LAST UPDATED: SEPTEMBER 18, 2025
Overview
Opsgenie is a cloud-based incident management platform that ensures alerts from your monitoring systems and custom applications are well managed, so that critical incidents are never missed, and actions are taken by the right people in the shortest possible time. This integration enables organizations to manage on-call schedules and other items.
D3 SOAR is providing REST operations to function with Atlassian OpsGenie.
Atlassian OpsGenie is available for use in:
Known Limitations
Refer to OpsGenie > Rate Limiting for details on rate limiting.
Connection
To connect to Atlassian OpsGenie from D3 SOAR, follow this part to collect the required information below:
Parameter | Description | Example |
Server URL | The URL of the OpsGenie instance. | https://api.opsgenie.com |
API Key | The dedicated API key. | ***** |
API Version | The version of the APIs. | v2 |
Permission Requirements
Each endpoint in the Atlassian OpsGenie API requires a certain permission scope. For all commands in this integration both the Read and Configuration access rights are needed.
READER NOTE
The API key is controlled by the access rights configured for the API key. There are four access rights to choose from:
Read
Create and update
Delete
Configuration access
For instructions on how to obtain the API key and configure the access rights, refer to the Configuring Atlassian OpsGenie to Work with D3 SOAR section below.
Configuring Atlassian OpsGenie to Work with D3 SOAR
Log into OpsGenie.
Navigate to Settings > API key management.
Click on the Add new API key button.
Enter the Name for the new API key in the popup, copy the Key and store it for future reference, then select the appropriate Access rights (refer to Permission Requirements). Finally, click on the Add API key button.
Locate the newly created API Key on the API key management list.
Configuring D3 SOAR to Work with Atlassian OpsGenie
Log in to D3 SOAR.
Find the Atlassian OpsGenie integration.
.png?inst-v=9d16beaf-952a-4ae4-8fe8-e35f7a3745da)
Navigate to Configuration on the top header menu.
Click on the Integration icon on the left sidebar.
Type Atlassian OpsGenie in the search box to find the integration, then click it to select it.
Click + Connection, on the right side of the Connections section. A new connection window will appear.
Configure the following fields to create a connection to Atlassian OpsGenie.
.png?inst-v=9d16beaf-952a-4ae4-8fe8-e35f7a3745da)
Connection Name: The desired name for the connection.
Site: The site on which to use the integration connection. Use the drop-down menu to select the site. The Share to Internal Sites option enables all internal sites to use the connection. Selecting a specific site will only enable that site to use the connection.
Recipient site for events from connections Shared to Internal Sites: This field is displayed when Share to Internal Sites is selected for the Site field, allowing selection of the internal site for deploying the integration connection.
Agent Name (Optional): The proxy agent required to build the connection. Use the dropdown menu to select the proxy agent from a list of previously configured proxy agents.
Description (Optional): The description for the connection.
Tenant (Optional): When configuring the connection from a master tenant site, users can choose the specific tenant sites with which to share the connection. Once this setting is enabled, users can filter and select the desired tenant sites from the dropdowns to share the connection.
Configure User Permissions: Defines which users have access to the connection.
Active: The checkbox that enables the connection to be used when selected.
System: This section contains the parameters defined specifically for the integration. These parameters must be configured to create the integration connection.
.png?inst-v=9d16beaf-952a-4ae4-8fe8-e35f7a3745da)
1. Input the Server URL. The default value is https://api.opsgenie.com.
2. Copy the API Key from the Atlassian OpsGenie platform. Refer to step 5 of Configuring Atlassian OpsGenie to Work with D3 SOAR.
3. Input the API Version. The default value is v2.Enable Password Vault: An optional feature that allows users to take the stored credentials from their own password vault. Refer to the password vault connection guide if needed.
Connection Health Check: Periodically checks the connection status by scheduling the Test Connection command at the specified interval (in minutes). Available only for active connections, this feature also allows configuring email notifications for failed attempts.
Test the connection.
.png?inst-v=9d16beaf-952a-4ae4-8fe8-e35f7a3745da)
Click on the Test Connection button to verify credentials and connectivity. A success alert displays Passed with a green checkmark. If the connection fails, review the parameters and retry.
Click OK to close the alert window.
Click + Add to create and add the configured connection.
Commands
Atlassian OpsGenie includes the following executable commands for users to set up schedules or create playbook workflows. With the Test Command, users can execute these commands independently for playbook troubleshooting.
Integration API Note
For more information about the Atlassian OpsGenie API, refer to the Atlassian OpsGenie API reference.
READER NOTE
Certain permissions are required for each command. Refer to the Permission Requirements and Configuring Atlassian OpsGenie to Work with D3 SOAR for details.
Note for Time-related parameters
The input format of time-related parameters may vary based on user account settings, which may cause the sample data in commands to differ from what is displayed. To adjust the time format, follow these steps:
Navigate to Configuration > Application Settings. Select Date/Time Format.
-20241017-192013.png?inst-v=9d16beaf-952a-4ae4-8fe8-e35f7a3745da)
Choose the desired date and time format, then click on the Save button.
-20241017-192025.png?inst-v=9d16beaf-952a-4ae4-8fe8-e35f7a3745da)
The selected time format will now be visible when configuring Date/Time command input parameters.
Fetch Event
Retrieves alerts matching the given criteria.
Input
Input Parameter | Required/Optional | Description | Example |
Start Time | Optional | The start time of the time range to query alerts by alert update time, in UTC Time. | 2020-06-03 00:00 |
End Time | Optional | The end time of the time range to query alerts by alert update time, in UTC Time. | 2020-12-31 00:00 |
Number of Event(s) Fetched | Optional | The maximum number of alerts to return. The default value is 20. The maximum input is 100. | 100 |
Search Condition | Optional | The query conditions used to narrow down search results. Please refer to Search queries for alerts | Opsgenie | Atlassian Support for more information. | "message: timmy* AND acknowledged:false AND priority:(P1 OR P2)" |
Output
To view the sample output data for all commands, refer to this article.
Fetch Event Field Mapping
See Field Mappings.
The Atlassian OpsGenie system integration includes pre-configured field mappings for the default event source.
The Default Event Source is the default system-provided set of field mappings applied when the fetch event command is executed. It includes a Main Event JSON Path, which is the JSONPath expression that points to the base array of event objects. The source field path continues from this array to locate the required data.
The Main Event JSON Path can be viewed by clicking on the Edit Main JSON Path button.
.png?inst-v=9d16beaf-952a-4ae4-8fe8-e35f7a3745da)
Main Event JSON Path: $.data
The data array contains the event objects. Within each object, the key id denotes the Unique Event Key field. As such, the full JSONPath expression to extract the Unique Event Key is $.data.id.
The pre-configured field mappings are detailed below:
Field Name | Source Field |
Unique Event Key | .id |
Original event ID | .tinyId |
Event name | .alias |
Status | .status |
Message | .message |
Aggregated / Correlated Event count | .count |
Priority | .priority |
Start Time | .createdAt |
Acknowledged | .acknowledged |
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Fetch Event failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Atlassian OpsGenie portal. Refer to the HTTP Status Code Registry for details. | Status Code: 404. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: No handler found. |
Error Sample Data Fetch Event failed. Status Code: 404. Message: No handler found. |
Get On-call User
Retrieves current on-call participants for a specific schedule.
READER NOTE
Schedule Name is a required parameter to run this command.
Run the Get Schedules command to obtain the Schedule Name. Schedule Names can be found in the raw data at the path $.data[*].name.
Input
Input Parameter | Required/Optional | Description | Example |
Schedule Name | Required | The name of the schedule. Schedule Name can be obtained using the Get Schedules command. | sysint1_schedule |
Datetime | Optional | The starting time of the timeline. The default date is the time when the request is received. | 2022-01-15 00:00 |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get On-call User failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Atlassian OpsGenie portal. Refer to the HTTP Status Code Registry for details. | Status Code: 429. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You are making too many requests! To avoid errors, we recommend you limit requests. |
Error Sample Data Get On-call User failed. Status Code: 429. Message: You are making too many requests! To avoid errors, we recommend you limit requests. |
Get Schedules
Retrieves all schedules.
Input
N/A
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Schedules failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Atlassian OpsGenie portal. Refer to the HTTP Status Code Registry for details. | Status Code: 401. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Could not authenticate. |
Error Sample Data Get Schedules failed. Status Code: 401. Message: Could not authenticate. |
Get Schedule Timeline
Retrieves the schedule’s timeline, which includes the time and on-call recipient details.
READER NOTE
Schedule Name is a required parameter to run this command.
Run the Get Schedules command to obtain the Schedule Name. Schedule Names can be found in the raw data at the path $.data[*].name.
Input
Input Parameter | Required/Optional | Description | Example |
Schedule Name | Required | The name of the schedule. Schedule Name can be obtained using the Get Schedules command. | sysint_schedule |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Schedule Timeline failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Atlassian OpsGenie portal. Refer to the HTTP Status Code Registry for details. | Status Code: 404 |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: No schedule exists with name [<Text>]. |
Error Sample Data Get Schedule Timeline failed. Status Code: 404. Message: No schedule exists with name [<Text>]. |
Get Single User
Retrieves a single user.
READER NOTE
Username or ID is a required parameter to run this command.
Run the Get On-call User command to obtain the Username or ID. Usernames can be found in the raw data at the path $.onCallParticipants[*].name; IDs can be found in the raw data at the path $.onCallParticipants[*].id.
Input
Input Parameter | Required/Optional | Description | Example |
Username or ID | Required | The username or ID of the user. Username or ID can be obtained using the Get On-call User command. | *****@*****.***** |
Output
To view the sample output data for all commands, refer to this article.
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Single User failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Atlassian OpsGenie portal. Refer to the HTTP Status Code Registry for details. | Status Code: 404. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: User not found with identifier [*****@*****.*****]. |
Error Sample Data Get Single User failed. Status Code: 404. Message: User not found with identifier [*****@*****.*****]. |
Test Connection
Allows users to perform a health check on an integration connection. Users can schedule a periodic health check by selecting Connection Health Check when editing an integration connection.
Input
N/A
Output
Output Type | Description | Return Data Type |
Return Data | Indicates one of the possible command execution states: Successful or Failed. The Failed state can be triggered by any of the following errors:
More details about an error can be viewed in the Error tab. | String |
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Test Connection failed. Failed to check the connector. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the Atlassian OpsGenie portal. Refer to the HTTP Status Code Registry for details. | Status Code: 422. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Key format is not valid! |
Error Sample Data Test Connection failed. Failed to check the connector. Status Code: 422. Message: Key format is not valid! |