Skip to main content

About PagerDuty

Iru reads incidents, services, escalation policies, schedules, teams, and audit data through the PagerDuty REST API. Authentication uses PagerDuty’s header format (not plain Bearer): 
Authorization: Token token=YOUR_API_KEY
Prefer a General Access REST API key with read-only scope so Iru cannot change incidents or services.

How It Works

PagerDuty REST API keys are sent with PagerDuty’s custom header format Authorization: Token token=<API_KEY> (this is not a generic Bearer token).
DetailValue
CategoryIncident response / operations
AuthenticationREST API key (Authorization: Token token=…)
General Access keys are created by admins and can cover the whole account. User tokens inherit that user’s visibility. Avoid them unless you intentionally restrict scope. Official references: API access keys, REST API reference, and Rate limiting.

Prerequisites

  • Admin or Account Owner (or equivalent) to create General Access API keys.

Connect PagerDuty to Iru

Complete this tab before you connect the source in Compliance.
1

Sign in to PagerDuty

Open PagerDuty and sign in with an Admin or Account Owner (or equivalent) who can create API Access Keys.
2

Open Integrations

From the product navigation, open Integrations (sometimes under Automation or Developer, depending on your PagerDuty edition).
3

Open Developer Tools

Select Developer Tools (or API Access), then locate API Access Keys.
4

Create a new API key

Choose Create new API key (wording may read New key). Prefer a General Access key when org policy allows so Iru reads are not tied to a single human user’s visibility.
5

Name the key and set Read-only

Enter a name such as Iru Compliance. Set the key type to Read-only (or the least-privilege read option PagerDuty offers for REST evidence collection).
6

Create and copy the key

Finish creation and copy the key value once when PagerDuty shows it. It is not shown again after the dialog closes.
Continue on the Iru Compliance tab.

Troubleshooting

Check pop-up blocker settings for the Iru site and try again.
Full key, no spaces; key not disabled.
Switch from a User token to a General Access key with sufficient scope.
User-scoped tokens only see that user’s teams. Use General Access.

Considerations

API keys do not auto-expire: rotate on a schedule.

API keys do not auto-expire - rotate on a schedule.

Large backfills stay within PagerDuty rate limits;…

Large backfills stay within PagerDuty rate limits; sync may spread over time.

Sources Management

Browse and manage every Compliance source.

Getting Started With Compliance

Frameworks, actions, and Artifacts.

Iru Overview

How Endpoint, Compliance, and Identity fit together.

Artifacts Management

Upload, review, and organize evidence from sources and actions.