Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.scrubbe.com/llms.txt

Use this file to discover all available pages before exploring further.

The Scrubbe REST API gives you programmatic access to incidents, postmortems, team management, integrations, and analytics. All requests are made over HTTPS to a versioned base URL, and all request and response bodies use JSON. This reference covers the conventions that apply across every endpoint.

Base URL

All API endpoints are relative to the following base URL: 
https://your-api-domain.com/api/v1

Authentication

Scrubbe supports two authentication methods. Use whichever fits your use case — both are accepted on all protected endpoints unless stated otherwise.

Bearer token

Obtain a short-lived access token by calling POST /auth/login. Include it in the Authorization header of every subsequent request. 
Authorization: Bearer <accessToken>

API key

For server-to-server or ingestion use cases, generate a long-lived API key from the dashboard or via the API Keys endpoints, then pass it in the X-API-Key header. 
X-API-Key: <key>
The ingestion endpoints (/api/v1/ingestion/*) accept only X-API-Key authentication. Bearer tokens are not valid on those routes.

Content type

Every request with a body must include the following header: 
Content-Type: application/json

Response format

Success response

{
  "success": true,
  "message": "Operation completed successfully.",
  "data": { ... }
}

Paginated response

{
  "success": true,
  "message": "Records retrieved.",
  "data": {
    "items": [ ... ],
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 143,
      "totalPages": 8
    }
  }
}

Error response

{
  "success": false,
  "message": "Validation failed.",
  "errors": ["email is required", "password must be at least 8 characters"]
}

Rate limits

Rate limits are enforced per IP address and per authenticated user. When a limit is exceeded, the API returns 429 Too Many Requests.
ScopeLimitWindow
Global200 requests15 min
Auth10 requests15 min
Email OTP3 requests1 min
API Key100 requests1 min
Check the Retry-After response header when you receive a 429. It contains the number of seconds to wait before retrying.

Versioning

The current API version is v1, reflected in every endpoint path. Breaking changes will be introduced under a new version prefix (e.g., /api/v2). Non-breaking additions such as new fields or optional parameters may be added to v1 without a version bump.

Further reading

Authentication

Login, register, token refresh, and profile management.

Error reference

HTTP status codes, error shapes, and remediation guidance.

API keys

Create, rotate, and revoke programmatic API keys.

Ingestion

Push events from external tools into Scrubbe.