.avif)
.png){kind=icon}
.png){kind=icon}
.png){kind=small}
We’ve introduced a powerful new way to authenticate your API requests with role-aware, scoped API tokens. This gives teams and businesses more control, security, and auditability when interacting with the Rootly API.
What’s New
You can now generate three types of API tokens:
Global Tokens
Designed for organization-wide access, global tokens can be configured with a custom set of permissions. Use these to interact with any entity across your Rootly instance.
Team-Scoped Tokens
These tokens are limited to resources owned by a specific team (such as schedules and escalation policies). They come with full update permissions for those team-owned entities, making them perfect for distributed operational ownership.
User-Level Tokens
Limit your user's adoption of the API with user-level tokens that inherit their Rootly permissions.
Why It Matters
Be confident that your organization is able to leverage Rootly's API safely and securely with minimal overhead:
- Tokens can be decoupled from user activity, so when users leave your company, your API use isn't impacted
- Teams can build and operate automation without risk of touching other teams’ configurations
- Every token creation is logged in the audit log, so you know exactly who created each token and when—ideal for maintaining oversight and meeting audit requirements.
Get started today in Rootly's dashboard under Organisation Settings.
New & Improved
Alert Routing Rules: Route Alerts to your teams conditionally using is one of and is not one of conditions.
Incident Search: Search for incidents using the unique ID.
Viewing Alerts: View up to 50 Alerts at once from the Alert list page.
