> ## Documentation Index
> Fetch the complete documentation index at: https://docs.flashcat.cloud/llms.txt
> Use this file to discover all available pages before exploring further.

# Create Automation rule

> Create an Automation rule with schedule, HTTP POST, and On-call incident triggers.

## Restrictions

| Aspect      | Value                                                                               |
| ----------- | ----------------------------------------------------------------------------------- |
| Rate limits | **1,000 requests/minute**; **50 requests/second** per account                       |
| Permissions | Valid `app_key`; management operations require the caller to manage the target rule |

## Usage

* A caller may create personal rules and rules for any team in the current account; `team_id` is immutable after creation.
* List visibility follows session-list visibility: owners/admins see all rules; ordinary members see rules they created and rules for their teams.
* `http_post_token` is returned only when creating or rotating the token. Save it immediately.
* To trigger from On-call incidents, send `oncall_incident_trigger_enabled`, `oncall_incident_channel_ids`, and `oncall_incident_severities`; matching events run with `trigger_kind=oncall_incident`.


## OpenAPI

````yaml /api-reference/safari.openapi.en.json post /safari/automation/rule/create
openapi: 3.1.0
info:
  title: Flashduty Open API
  description: >-
    Public HTTP API for the Flashduty AI SRE platform — skills, MCP servers
    (connectors), A2A agents, and sessions. Every operation is authenticated
    with an `app_key` query parameter issued from the Flashduty console.
  version: 1.0.0
servers:
  - url: https://api.flashcat.cloud
    description: Flashduty Open API
security:
  - AppKeyAuth: []
tags:
  - name: AI SRE/Skills
  - name: AI SRE/MCP servers
  - name: AI SRE/A2A agents
  - name: AI SRE/Sessions
  - name: AI SRE/Automations
paths:
  /safari/automation/rule/create:
    post:
      tags:
        - AI SRE/Automations
      summary: Create Automation rule
      description: >-
        Create an Automation rule with schedule, HTTP POST, and On-call incident
        triggers.
      operationId: automation-rule-write-create
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AutomationRuleCreateRequest'
            example:
              name: Weekly on-call review
              team_id: 123
              enabled: true
              cron_expr: 0 9 * * 1
              schedule_trigger_enabled: true
              prompt: Summarize last week's alert noise and escalation load.
              http_post_trigger_enabled: true
              oncall_incident_trigger_enabled: true
              oncall_incident_channel_ids:
                - 456
              oncall_incident_severities:
                - Critical
                - Warning
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                allOf:
                  - $ref: '#/components/schemas/ResponseEnvelope'
                  - type: object
                    properties:
                      data:
                        $ref: '#/components/schemas/AutomationRuleItem'
              example:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                data:
                  rule_id: auto_7NnLzY2Qp8xS4kUaV3mR6b
                  account_id: 10023
                  team_id: 123
                  owner_id: 80011
                  name: Weekly on-call review
                  enabled: true
                  run_scope: team
                  cron_expr: 0 9 * * 1
                  prompt: Summarize last week's alert noise and escalation load.
                  environment_kind: ''
                  environment_id: ''
                  schedule_trigger_id: autotrg_6aKp3wT9mQ2xVc8bR1nY7z
                  schedule_trigger_enabled: true
                  http_post_trigger_id: autotrg_2bLq4xT8mP1sWd9cN3rF6y
                  http_post_trigger_url: >-
                    /safari/automation/triggers/autotrg_2bLq4xT8mP1sWd9cN3rF6y/fire
                  http_post_trigger_enabled: true
                  can_edit: true
                  created_at: 1780367971228
                  updated_at: 1780367971228
                  http_post_token: sat_yQ9p8V7n6M5k4J3h2G1f0E9d8C7b6A5z4Y3x2W1v0U
                  schedule_next_fire_at_ms: 1780630800000
                  oncall_incident_trigger_id: autotrg_9cVb2mN7qKs4dEa8T1rY5p
                  oncall_incident_trigger_enabled: true
                  oncall_incident_channel_ids:
                    - 456
                  oncall_incident_severities:
                    - Critical
                    - Warning
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '429':
          $ref: '#/components/responses/TooManyRequests'
        '500':
          $ref: '#/components/responses/ServerError'
      security:
        - AppKeyAuth: []
components:
  schemas:
    AutomationRuleCreateRequest:
      type: object
      description: Create an Automation rule.
      properties:
        name:
          type: string
          minLength: 1
          maxLength: 255
          description: Rule name.
        team_id:
          type: integer
          format: int64
          minimum: 0
          description: >-
            Scope team ID. 0 or omitted means a personal rule; >0 means a team
            in the account. Immutable after creation.
        enabled:
          type: boolean
          description: >-
            Whether the rule is enabled after creation. Omitted API value is
            false; Chat/CLI create sends true by default unless the user asks
            for disabled.
        cron_expr:
          type: string
          description: >-
            Run cadence. Supports 4 fields (`hour day month weekday`, minute
            defaults to 0) and 5 fields (`minute hour day month weekday`). The
            minute must be one fixed integer; 6-field seconds are not supported.
            The create API currently requires this field even for HTTP-POST-only
            rules; send a valid cron and set `schedule_trigger_enabled=false`.
          example: 15 9 * * *
        schedule_trigger_enabled:
          type:
            - boolean
            - 'null'
          description: >-
            Whether the schedule trigger is enabled. Defaults to true when
            omitted; HTTP-POST-only rules should send false.
        prompt:
          type: string
          minLength: 1
          description: Task prompt sent to the AI SRE agent on each run.
        environment_kind:
          type: string
          description: >-
            Runtime environment kind. Omit or send an empty value for automatic
            selection.
          enum:
            - ''
            - cloud
            - byoc
        environment_id:
          type: string
          description: BYOC Runner ID. Used only when `environment_kind=byoc`.
        http_post_trigger_enabled:
          type: boolean
          description: >-
            Whether to create and enable an HTTP POST trigger. When enabled, the
            response includes a one-time token.
        oncall_incident_trigger_enabled:
          type: boolean
          description: Whether the On-call incident trigger is enabled.
        oncall_incident_channel_ids:
          type: array
          items:
            type: integer
            format: int64
            minimum: 1
          description: >-
            On-call integration IDs to watch. Creating or enabling this trigger
            requires at least one valid ID.
        oncall_incident_severities:
          type: array
          items:
            type: string
            enum:
              - Critical
              - Warning
              - Info
          description: >-
            Incident severities to watch. Supported values are Critical,
            Warning, and Info; creating or enabling this trigger requires at
            least one value.
      required:
        - name
        - cron_expr
        - prompt
    ResponseEnvelope:
      type: object
      description: >-
        Standard response envelope used by every Flashduty public API. On
        success `data` contains the endpoint-specific payload and `error` is
        absent. On failure `error` is present and `data` is absent. `request_id`
        is always present and is also mirrored in the `Flashcat-Request-Id`
        response header.
      properties:
        request_id:
          type: string
          description: >-
            Unique ID for this request. Mirrored in the Flashcat-Request-Id
            header. Include it when reporting issues.
          example: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
        error:
          $ref: '#/components/schemas/DutyError'
        data:
          description: Endpoint-specific payload. See each operation's 200 response schema.
      required:
        - request_id
    AutomationRuleItem:
      type: object
      description: Automation rule.
      properties:
        rule_id:
          type: string
          description: Rule ID.
        account_id:
          type: integer
          format: int64
          description: Account ID.
        team_id:
          type: integer
          format: int64
          description: Scope team ID; 0 means personal rule.
        owner_id:
          type: integer
          format: int64
          description: Creator person ID.
        name:
          type: string
          description: Rule name.
        enabled:
          type: boolean
          description: Whether the rule is enabled.
        run_scope:
          type: string
          enum:
            - person
            - team
          description: Hidden session run scope.
        cron_expr:
          type: string
          description: Normalized 5-field cron expression.
        prompt:
          type: string
          description: Task prompt.
        environment_kind:
          type: string
          description: >-
            Runtime environment kind. Omit or send an empty value for automatic
            selection.
          enum:
            - ''
            - cloud
            - byoc
        environment_id:
          type: string
          description: BYOC Runner ID.
        schedule_trigger_id:
          type: string
          description: Schedule trigger ID.
        schedule_trigger_enabled:
          type: boolean
          description: Whether the schedule trigger is enabled.
        http_post_trigger_id:
          type: string
          description: HTTP POST trigger ID.
        http_post_trigger_url:
          type: string
          description: HTTP POST trigger path.
        http_post_trigger_enabled:
          type: boolean
          description: Whether the HTTP POST trigger is enabled.
        oncall_incident_trigger_id:
          type: string
          description: On-call incident trigger ID.
        oncall_incident_trigger_enabled:
          type: boolean
          description: Whether the On-call incident trigger is enabled.
        oncall_incident_channel_ids:
          type: array
          items:
            type: integer
            format: int64
            minimum: 1
          description: >-
            On-call integration IDs to watch. Creating or enabling this trigger
            requires at least one valid ID.
        oncall_incident_severities:
          type: array
          items:
            type: string
            enum:
              - Critical
              - Warning
              - Info
          description: >-
            Incident severities to watch. Supported values are Critical,
            Warning, and Info; creating or enabling this trigger requires at
            least one value.
        http_post_token:
          type: string
          description: >-
            HTTP POST trigger token. Returned only on create or token rotation;
            save it immediately.
        can_edit:
          type: boolean
          description: Whether the caller can manage this rule.
        created_at:
          type: integer
          format: int64
          description: Creation time, Unix milliseconds.
        updated_at:
          type: integer
          format: int64
          description: Last update time, Unix milliseconds.
        schedule_next_fire_at_ms:
          type: integer
          format: int64
          description: >-
            Next scheduled fire time, Unix milliseconds. 0 means no future
            scheduled fire is available.
      required:
        - rule_id
        - account_id
        - team_id
        - owner_id
        - name
        - enabled
        - run_scope
        - cron_expr
        - prompt
        - environment_kind
        - environment_id
        - schedule_trigger_enabled
        - http_post_trigger_enabled
        - can_edit
        - created_at
        - updated_at
        - schedule_next_fire_at_ms
        - oncall_incident_trigger_enabled
    DutyError:
      type: object
      description: >-
        Error payload inside the response envelope. Present only on non-2xx
        responses.
      properties:
        code:
          $ref: '#/components/schemas/ErrorCode'
        message:
          type: string
          description: >-
            Human-readable error message, localized by the caller's
            Accept-Language. May contain field names, IDs, or other context from
            the failing request.
      required:
        - code
        - message
    ErrorResponse:
      type: object
      description: Response envelope for errors. `error` is required; `data` is absent.
      properties:
        request_id:
          type: string
          example: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
        error:
          $ref: '#/components/schemas/DutyError'
      required:
        - request_id
        - error
    ErrorCode:
      type: string
      description: >-
        Flashduty error code enum. Every failed API response sets `error.code`
        to one of these values. The value is a stable wire string — not a
        localized message and not a numeric status. HTTP status is
        informational.
      enum:
        - OK
        - InvalidParameter
        - BadRequest
        - InvalidContentType
        - ResourceNotFound
        - NoLicense
        - ReferenceExist
        - Unauthorized
        - BalanceNotEnough
        - AccessDenied
        - RouteNotFound
        - MethodNotAllowed
        - UndonedOrderExist
        - RequestLocked
        - EntityTooLarge
        - RequestTooFrequently
        - RequestVerifyRequired
        - DangerousOperation
        - InternalError
        - ServiceUnavailable
  responses:
    BadRequest:
      description: Invalid request — usually a missing or malformed parameter.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            missingParameter:
              summary: Missing required parameter
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: InvalidParameter
                  message: The specified parameter skill_id is not valid.
    Unauthorized:
      description: Missing or invalid app_key.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            missingAppKey:
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: Unauthorized
                  message: You are unauthorized.
    Forbidden:
      description: The app_key is valid but lacks permission for this operation.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            accessDenied:
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: AccessDenied
                  message: Access Denied.
    TooManyRequests:
      description: Rate limit hit. Either the global API limit or a per-account limit.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            rateLimited:
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: RequestTooFrequently
                  message: Request too frequently.
    ServerError:
      description: Unexpected server-side error. Include the request_id when reporting.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            internal:
              value:
                request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4
                error:
                  code: InternalError
                  message: >-
                    We encountered an internal error, and it has been reported.
                    Please try again later.
  securitySchemes:
    AppKeyAuth:
      type: apiKey
      in: query
      name: app_key
      description: >-
        App key issued from the Flashduty console. Required on every public API
        call. Keep it secret — it grants the same access as the owning account.

````