Flow triggers

Common trigger output details

Examples of when to use this trigger:

• Automatically update the record in your monitoring tool to add an annotation that the xMatters alert ended.
• Post alert creation and termination updates to your reporting repository for analytics and observability initiatives.
• Automatically close the ticket in the source system when the xMatters alert ends.

Alert status trigger outputs

To see the payload behind the scenes, see the information for the equivalent trigger in the Integration Builder.

Examples of when to use this trigger:

• Post details about who was notified and when into a ticket, alert, or chat application so the notification process is clearly visible (and documented).
• Post details about device notification failures to a list so you can follow up with users who seem to be experiencing delivery issues.

Device delivery trigger outputs

To see the payload behind the scenes, see the information for the equivalent trigger in the Integration Builder.

Examples of when to use this trigger:

• Automatically assign an incident when a recipient responds with Accept (or Assign to me or whatever response you have configure for this).
• Approve or reject change requests based on responses.

Responses trigger outputs

To see the payload behind the scenes, see the information for the equivalent trigger in the Integration Builder.

To add response options to a Responses trigger:

1. Click + Add Response (or double-click the Responses parent) to add, remove, or edit response options.

2. Configure the response options and drag them into the order you want them to appear on the canvas, then click Save. In our MIM scenario, we added "Create major incident" and moved it to the top of the list.
   • For more information, see Create Alert step - Configure response options.
   • For more information, see Define response options for messaging forms.

Each response appears as a step on the canvas. You can now connect the steps you want to run when a recipient selects that response.

A few things to know about existing integrations:

• If you have an outbound integration that uses the Notification Responses trigger, it appears on the canvas but doesn't have the response options delineated since any actions based on different responses are handled in the outbound integration script.
• Some integrations use response options that are determined at runtime. We've updated our built-in integrations but some packaged or custom integrations still use these. For the time being, you'll need to continue to use an outbound integration using the Notification Responses trigger.
• For built-in integrations, you are unable to modify or delete the default response options included in the configuration; although you can add additional ones. To modify or delete built-in responses, you'll need to first convert the configuration to a workflow.

Examples of when to use this trigger:

• Post each comment to a Slack channel or other chatops application.
• Populate the free-form text closure details of a ticket or alert (in this case, you could actually perform your response logic in the Alert Comment trigger instead of the response trigger!)
• Add the comments to a ticket or alert as annotations, recording the work performed on the alert, either for the next person in the resolution chain or for post-incident analysis.

Alert comments trigger output details

To see the payload behind the scenes, see the information for the equivalent trigger in the Integration Builder.

Examples of when to use this trigger:

• Automatically launch a new alert that warns a manager when an alert has escalated to the point where an SLA (service level agreement) is in jeopardy.
• Automatically update a chat room to warn team members when an alert is escalated.

Escalation trigger outputs

To see the payload behind the scenes, see the information for the equivalent trigger in the Integration Builder.

Examples of when to use this trigger:

• Automatically notify a chat room that an alert isn’t currently routing to on-call resources.

Targeted recipient failures trigger output details

To see the payload behind the scenes, see the information for the equivalent trigger in the Integration Builder.

What triggers it: When its associated callable flow step runs in another flow in your workflow.

What information is in the outputs: Inputs of the callable flow step are available as outputs of the callable trigger. This allows you to pass information from the calling flow (the flow containing the callable flow step) to steps connected to the callable trigger. Callable flow steps do not currently return any information from the flow they call, apart from the ID of the request that initiated the callable trigger.

Examples of when to use this trigger: If you want to reuse the same sequence of steps in multiple flows and make your flows more readable and easier to maintain.

1. Drag the Callable Trigger from the palette onto the canvas (available from Triggers > Utility).
2. Double-click the trigger to open its configuration screen (or select it and click the pencil icon).
   • If prompted, click to Save Changes to the canvas.
3. Click Create Callable Flow Step to create the step which you can use to call your trigger.
4. On the Settings tab, give your callable flow step a name, description, and icon.
   • This helps people looking at the step on the Tools tab understand what the callable flow step does if they add it to their flows.
5. On the Inputs / Outputs tab, define the inputs of the callable flow step, which will also be available as outputs the callable flow trigger.
   1. When you add the callable flow step to a flow, you can pass information from the previous steps of that flow to the steps connected to the associated callable trigger.
6. Click Save.
7. Click Close to return to the trigger configuration screen. The Settings tab of your trigger displays information about its associated callable flow step.
   • Click Open Step Configuration if you want to make further updates to the callable flow step's settings or inputs.
   • Click Show Step in Palette to view the location of the callable flow step on the Tools tab.
8. If you want to limit who can initiate the trigger, modify the Usage Permissions of its associated callable flow step, available from the step's Settings menu (the gear icon) on the Tools tab of the palette.

You're now ready to connect the series of steps to your callable trigger, and to add the trigger's associated callable flow step to your flows. Once you've added the callable flow step to one or more flows, the Settings tab of your trigger will include a Usage list of the locations (Canvas > Trigger Name) where the callable flow step is used.

What triggers it: xMatters receives an incoming HTTP request from an external system to the trigger's URL.

What information is in the outputs: Properties or information from the request mapped to outputs by the user that created the trigger.

Examples of when to use this trigger:

• To inject information into xMatters from any system capable of sending a POST request.

HTTP request trigger output details

HTTP triggers do not have a standard set of outputs because the outputs, and mapping of request properties to these outputs, are defined by the user that created the trigger.

Each HTTP trigger is authenticated independently, using the authentication method set by the trigger creator (unless the creator set the trigger to allow all methods).

Depending on the allowed authentication methods, you might need to select the authenticating user that should be used to authenticate requests. Regardless of the method chosen, any requests submitted to the trigger URL have the same permissions in xMatters as the authenticating user, whether that user was set in the step or their credentials were included in the request.

Authentication methods

When creating an HTTP trigger, you can allow only one of these methods to be used or select the Allow all methods option to allow any of them to be used. It's recommended that you choose the most secure method the calling system supports

Once you create and share an HTTP trigger, you can reuse it in any flow. You can also create new versions of the trigger as your needs change.

Step 1: Create the HTTP trigger

When you create a new custom HTTP trigger, the first thing to do is set up how it appears in the palette: the name, description, and icon.

1. On the Triggers tab of the palette, click Create HTTP Trigger. This opens the New HTTP Trigger dialog box.
2. On the Settings tab, give the trigger a name and description. These appear in the palette, and help people know what this trigger does and if it's something they should use. People can give the trigger a different label when they add it to the canvas.
3. To change the icon used for the trigger, click Select Image. This opens an image library with a selection of icons, including a few default ones and any icons you've already added for your xMatters company.
4. Click an icon in the library to select it. To add a new icon to the image library, click the Choose a file to upload link and browse to the file you want to use.
   1. For the best appearance on the canvas, we recommend using images that are 36 x 36 pixels. The maximum file size is 250 KB, and you can use a variety of common image formats: jpg, jpeg, gif, and png.
5. Once you've selected your image in the Image Library, click Select to go back to the step settings.
6. Set the step state and version information.
7. Select the Run Location where the step is allowed to run. Allowing the step to run on an xMatters agent lets it update and retrieve information from systems behind your corporate firewall.
   • Cloud: The step can only run in the cloud.
   • xMatters Agent: The step can only run on an xMatters agent.
   • Both: The person using the step in a flow can select where the instance of the step will run when they configure it.
8. Select the authentication method you want to allow the step to use. You can also select Allow all methods if you want users to be able to pick the method used when they configure the trigger.

Step 2: Create the outputs

When you define the outputs, you're deciding what information this trigger should provide to steps further downstream. For properties from the request to be available to steps later in the flow, you need to use the script to map them to the outputs of the trigger (see the next step).

1. On the Outputs tab, click Add Step Output to create a new output.
2. Enter a name for the output. This name can be used to reference it in the script editor, and appears in the step setup screen where people can drag it into the input of a connected step.
3. Click Add Step Output for each additional output you'd like to create. To delete an output, click the 'x' icon next to the output.
4. When you're done adding outputs, click Save.

Step 3: Map the outputs

The Script tab is where you define the internal logic that takes the HTTP request from another application, transforms the incoming information, and maps it to the outputs. When you create a new HTTP trigger, the script only brings what is included in the payload. Properties of the form associated with your flow canvas are not available as outputs because HTTP triggers do not use the form to create an alert in xMatters. You need to map properties from the request to outputs of the trigger to use these properties in steps in your flow.

The Script tab includes an example script showing how to parse the payload from an incoming HTTP request, then extract information from the payload and map it to outputs. You can use it as a template and customize it to work with your flow. The trigger's built-in request object enables you to access elements of the request, including the payload contained in the request body and any URL parameters.

The following instructions describe how to add and configure an HTTP trigger in your flow.

HTTP trigger authentication

Each HTTP trigger is authenticated independently, using the authentication method set by the trigger creator (unless the creator set the trigger to allow all methods).

How to configure an HTTP trigger

1. On the Triggers tab of the palette, under HTTP Request, drag the custom HTTP trigger you'd like to use onto the canvas.
   • You can filter the HTTP triggers by triggers you own, triggers others have shared with you, or all triggers you have permission to use.
2. Double-click the trigger to open its configuration screen (or select it and click the pencil icon).
3. Change the Trigger Label if you'd like to customize the trigger's name for your flow.
4. If the step allows any authentication method, select the method you want to use in the Initiation settings.
5. If required by the authentication method, select whose credentials you'd like to use to trigger the flow. Click the list to display users who can authenticate the trigger, or start typing a username into the search field to filter the list (two characters are required).
   • Users only appear in this list if you supervise them (or are a company supervisor) and they are assigned the REST Web Services role.
6. Click Run Location to set where the trigger runs. This tab only appears if the trigger is allowed to run on an xMatters agent.
7. Select the location where you want this step to run: Cloud or xMatters Agent.
   • If you set it to xMatters Agent, select one or more agents from the list of available agents. To select an agent from the list, you must be a registered user of the agent and it must be version 1.4.1 or later. If you don't have any agents configured, click Add an xMatters Agent to go to the Agents page, which has instructions for installing the agent.
8. Click the Flood Control tab to edit the trigger's default flood control settings. For more information about these settings, see Trigger Flood Control.
9. Back on the Settings tab, click Copy to save the trigger URL to your clipboard.

To initiate the trigger, send a POST request to the trigger URL using the requirements of the configured authentication method:

• URL Authentication: Send an HTTP POST request to the trigger URL.
• Basic Authentication: Send an HTTP POST request to the trigger URL using basic authentication and an xMatters username and password.
• API Key Authentication: Authenticate the request using basic authentication and set the username to the API key and the password to the secret.
• OAuth Authentication: Include an access token in the request header. A client ID is required to obtain and refresh access tokens in the xMatters REST API. You can find the client ID for your company under Workflows > OAuth. For more information about using OAuth with xMatters, see OAuth authentication.

You can also click View Instructions for instructions on how to trigger the flow.

If you want to view the results of the trigger initiation in the Activity panel, make sure you've connected steps to the trigger. If the trigger isn't connected to anything, no activity information appears.

If you have permissions to edit a custom HTTP trigger, you can edit the configuration or create a new version of the trigger, share the trigger, or delete it (as long as it's not used in a flow). Click the settings menu for the trigger (the gear icon) and select Edit, Usage Permissions, or Delete.

Examples of when to use this trigger:

• To inject information from any external system capable of sending an email message to xMatters; this might include custom applications or almost any cloud-based application, monitoring system, social media platform, e-commerce platform, or customer relationship management tool.

Email Initiation trigger output details

If you want to pull out information from the email body to make the details available as inputs to steps downstream, you can create a custom email parser step. Check out the instructions on our support site.

The unique email address that you use to initiate a flow is created from a target name, the trigger ID, and hostname of your xMatters deployment in the following syntax:

<name>@<triggerID>.<hostname>

• <name>: The name can be the user ID of a specific user or the name of a group or dynamic team. For example, mmcbride@hr54b.mycompany.xmatters.com or DatabaseAdmins@hr54b.mycompany.xmatters.com.
• <triggerID>: By default, the trigger ID is a randomly generated combination of alphanumeric characters. You may want to change the trigger ID to be more readable, or you may want to change it to something hard to guess for security purposes. The trigger ID must be unique within your company.
• <hostname>: The URL that you use to access the xMatters web user interface without the "https://". For example, the hostname for https://mycompany.xmatters.com is mycompany.xmatters.com

If your hostname includes a regional or specific instance indicator, do not include it in the target email format. For example, if the URL you use to access xMatters is mycompany.na1.xmatters.com, do not include the na1 portion of the URL in the email address. Use just mycompany.xmatters.com.

You can find the target ID and sample email address for an Email Initiation trigger on its configuration screen in Flow Designer.

Understanding how Flow Designer uses trigger email recipients

Email Initiation triggers in Flow Designer do not create an alert in xMatters when they are initiated. The target name of the user, group, or dynamic team named in the initiation email is mapped to the email.recipients output of the trigger, which you can use as an input to later steps in your flow, such as for the recipients of a xMatters Create Alert Using a Form step. To include more than one target name in the email.recipients output, add multiple addresses to the To: line of the email (one for each user, group, or dynamic team), using the format described above.

For example, if the To: field of your trigger email includes the following user, group, and dynamic team:

To: mmcbride@hr54b.mycompany.xmatters.com; DatabaseAdmins@hr54b.mycompany.xmatters.com; AllEmployees@hr54b.mycompany.xmatters.com

Then the email.recipients output would include this comma-separated list of target names you could use directly as input to the recipient field of an xMatters alert step:

mmcbride,DatabaseAdmins,AllEmployees

xMatters accepts 9 and 10 character BATV-encoded email addresses.
Be aware that even though spaces are allowed in email addresses, many popular email clients do not permit them. We recommend not using spaces in group or dynamic team names if you plan to include them on a trigger initiation email and use them as recipients inputs on another step in a flow.

The Email Initiation trigger lets you select whether initiation emails can be sent from any email address or are only accepted when they are sent from an email address assigned to a device in xMatters.

For example, lets say Mary McBride has a work email device configured in xMatters with the address mmcbride@your-company.com. She also has a personal maryrocks@cloud-email.com address, but it's not assigned to a device in xMatters.

If the trigger is set to allow initiation from any address, Mary could send an email from her maryrocks@cloud-email.com address to initiate the Email Initiation trigger and execute the connected flow. The flow authenticates using the Authenticating User selected in the trigger settings (which may or may not be Mary).

If the trigger is set to only allow initiation from an address associated with an email device in xMatters, Mary has to send the email using her mmcbride@your-company.com email; emails from maryrocks@cloud-email.com are rejected. When Mary sends an email from a valid email address, the trigger is initiated and the flow executed using her credentials.

1. Drag the trigger from the palette onto the canvas.
2. Double-click the trigger to open its configuration screen (or select it and click the pencil icon).
3. Change the Trigger Label if you'd like to customize the trigger's name for your flow.
4. Select the authentication method:
   • Send from any email: An email sent from any email address will trigger the flow. The flow runs using the credentials of the user selected in the Authenticating User field.
   • Send from an xMatters email device: Only emails sent from an address associated with a valid xMatters device will trigger the flow. The flow runs using the credentials of the user associated with the email address.
5. Optionally, customize the Trigger ID. You may want to change the trigger ID to be more readable, or you may want to change it to something hard to guess for security reasons.
6. Click Copy Address to copy the trigger's email address to your clipboard, so that it's available when you're configuring an external system to email xMatters, or to share with other users who want to initiate the flow by email.
   1. The sample email address shows how to initiate the trigger with your target name. When you initiate the trigger by email, you can replace your user ID with a different user ID, group name, or dynamic team name.
7. If you'd like, you can also click Test Email to automatically open your default email program so that you can send a test email to your trigger's email address and see if it triggers your flow (if you selected Send from an xMatters email device, make sure your default email is associated with an email device).
8. Click the Flood Control tab to edit the trigger's default flood control settings. For more information about these settings, see Trigger Flood Control.
9. Click OK.

To give you the flexibility to trigger a flow without creating an alert, the email doesn't automatically initiate an alert in xMatters. If you want to create an alert when the Email Initiation trigger is initiated, simply add a Create Alert Using a Form step to your flow, either right after the Email Initiation trigger or after additional steps that gather more information to enrich the alert notification.

How can I assign an external system a valid email address in xMatters?

This is only applicable if you want to limit the trigger initiation to addresses associated with an email device in xMatters.

To enable xMatters to recognize emails from your external system, do one of the following:

• Add the external system email address as a device for a user that is already authorized to initiate the form.
• Create a new user in xMatters to represent the external system. Give this user permission to access to the flow, and create a device for the external system email address.
• Use a service that can receive an email message from your external system and resend it using an email address that is authorized to initiate the flow.

Check the Devices screen in a user's profile to confirm that the email address that you are sending the initiation email from matches the address for one of their email devices.

If your system does not have the ability to send email messages, check out services like Zapier, which can be used to send email messages from a wide range of popular applications.

What happens if I use the Cc: or Bcc: lines instead of the To: line?

The Cc: and Bcc: fields are treated the same as the To: field. You can initiate alerts by including email addresses in the Cc: and Bcc: fields. Users, groups, or dynamic teams added to the Cc: and Bcc: fields are also included in the email.recipients output.

The sample email address shows how to inject my own target name with the email. How can I add other uses, groups, or dynamic teams to the To: field so they're included in the email.recipients output?

• To add another user instead of yourself, use their user ID before the @ symbol in the trigger email address.
• To send to a group or dynamic team, use the group or team name before the @ symbol. (Spaces or quotation marks in the name of the group are not recommended.)
• To target multiple recipients, use multiple addresses on the To: line.

What happens if I put email addresses for different flows in the same email?

xMatters will trigger each flow that you provided a trigger email address for in the To: field of the email, as if you had emailed the trigger addresses separately.

What happens if you include "regular" (non-trigger) email addresses in the To: line?

If you include an additional email address not associated with a flow trigger in the To: line along with one or more trigger email addresses, you'll send that email address a copy of the email. The flow is triggered but that email is not be included in the trigger outputs. Email addresses must follow the trigger email initiation format to be included in outputs of the trigger.

What happens if my email server changes the To: address when sending?

Some email servers have a feature called "CNAME expansion" enabled that can alter the "To:" address of an email to include routing information. So an email sent to mmcbride@traveladvisory.example.xmatters.com might be changed during transit through your email server to something more like mmcbride@us1-west-1.mail_traveladvisory.example.xmatters.com.

To address this problem, you'll need to work with your IT team to disable the CNAME expansion feature or setting on your SMTP email server.

Examples of when to use this trigger: This step is primarily used by incident commanders and resolvers to run an automated process that can help to mitigate the effects of an incident or even resolve an issue. While they are viewing an incident or looking at an incident's impacted service, they can easily initiate flows (for example: send an alert, notify resolvers, or roll back a deployment) without navigating away from the incident or service.

What triggers it: When you select the automation on the Incident Console or on a service dependencies map. It is triggered when you submit the flow trigger form associated with the incident automation trigger.

What information is in the outputs:

• Form Properties: Properties and parameters defined in the layout of the associated flow trigger form. The values at runtime depend on what's defined on the form layout and what's entered when the form is submitted.
• Automation Context: Details of the incident from which the automation was triggered. The values at runtime represent the state of the incident when the automation was run.

Automation Context output details

1. Drag the Incident Automation trigger from the palette onto the canvas. It is located under the Incidents section of the Triggers tab.
2. Double-click the trigger to open its configuration screen (or select it and click the pencil icon).
3. Select the form to use for initiating the flow (the form description, if it exists, appears below the name) and click Apply.
   • You can't switch the form used by the step after you click Apply; if you decide you want to target a different form, delete this instance of the step from the canvas and add a new incident automation trigger.
   • The step takes its label from the associated form.
4. Choose whether to enable this trigger and allow people to run the automation in the Incident Console and on an incident service dependencies map.
   • Sender permissions and enabling the trigger can also be set on the associated form.
5. You can select a service to associate with the automation or leave this field blank. Note that you can only choose one service to associate with an automation. If you sort by ‘Most Relevant’ in the Automation section of the Incident Console, the automation will be grouped together with other automations associated with the same service . You can also run the automation from the Impacted Services section of the Incident Console and the service dependencies map of the incident. There is also a check box that enables you to limit the usage of the automation to the members and supervisors of the group that owns the service.
6. Click Edit Permissions to allow additional users to run the automation.
   • You can select either users or roles; if you select a role, any users assigned that role can submit the form (for example, "Incident Managers"). If your flow includes a Create Alert Using a Form step, make sure you also set the same sender permissions on its associated messaging form, otherwise the flow might encounter errors at runtime.
7. Click the Flood Control tab to edit the trigger's default flood control settings. For more information about these settings, see Trigger Flood Control.
8. Click Done.