> ## Documentation Index > Fetch the complete documentation index at: https://docs.flashcat.cloud/llms.txt > Use this file to discover all available pages before exploring further. # List rulesets > Return all rulesets for a given datasource type that are accessible to the current user. ## Restrictions | Aspect | Value | | ----------- | ------------------------------------------------------------- | | Rate limits | **1,000 requests/minute**; **50 requests/second** per account | | Permissions | **Rule Repository Read** (`monit`) | ## Usage * A ruleset is visible if its `open_flag` is `2` (public), if the current user is the creator (`open_flag=0`), or if it belongs to the same account (`open_flag=1`). * The list does not include the `payload` field. Call `/monit/store/ruleset/info` to get the full ruleset content. ## OpenAPI ````yaml /api-reference/monitors.openapi.en.json post /monit/store/ruleset/list openapi: 3.1.0 info: title: Flashduty Open API description: >- Public HTTP API for the Flashduty incident management platform — incidents, notification templates, channels, schedules, monitors, RUM, and platform administration. Every operation is authenticated with an `app_key` query parameter issued from the Flashduty console under Account → APP Keys. Responses follow a uniform envelope: `{ request_id, data }` on success, `{ request_id, error }` on failure. version: 1.0.0 servers: - url: https://api.flashcat.cloud description: Flashduty Open API security: - AppKeyAuth: [] tags: - name: Monitors/Alert rules description: >- Create, manage, and export monitor alert rules. Query rule counters and audit history. - name: Monitors/Data sources description: Manage monitoring data sources used by alert rules to query metrics. - name: Monitors/Rule sets description: >- Manage shared rule sets (rulesets) in the Monitors rule repository. Rulesets can be shared publicly or within an account. - name: Monitors/Diagnostics description: >- Diagnostic and query endpoints used by Flashduty AI SRE — ad-hoc data source queries, log/metric diagnostics, and target-side tool invocation. - name: Monitors/Monitor utilities description: Monitors service activation and data preview utilities. paths: /monit/store/ruleset/list: post: tags: - Monitors/Rule sets summary: List rulesets description: >- Return all rulesets for a given datasource type that are accessible to the current user. operationId: monit-store-ruleset-list requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/StoreRulesetListRequest' example: type_ident: prometheus responses: '200': description: Success content: application/json: schema: allOf: - $ref: '#/components/schemas/SuccessEnvelope' - type: object properties: data: $ref: '#/components/schemas/StoreRulesetListResponse' example: request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4 data: - id: 1 type_ident: prometheus note: CPU usage alerts open_flag: 2 creator_account_id: 10023 creator_id: 80011 creator_name: Alice created_at: 1710000000 updated_at: 1712000000 '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/ServerError' components: schemas: StoreRulesetListRequest: type: object required: - type_ident description: Filter rulesets by datasource type. properties: type_ident: type: string description: Datasource type identifier to filter by, e.g. `prometheus`. SuccessEnvelope: type: object description: >- Success response envelope. On every 2xx response, `request_id` identifies the call (also mirrored in the `Flashcat-Request-Id` header) and `data` holds the endpoint-specific payload. Failure responses use a different shape — see `ErrorResponse`. properties: request_id: type: string description: >- Unique ID for this request. Mirrored in the Flashcat-Request-Id response header. Include it when reporting issues. example: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4 data: description: Endpoint-specific payload. See each operation's 200 response schema. required: - request_id - data StoreRulesetListResponse: type: array description: Rulesets accessible to the current user. The `payload` field is omitted. items: $ref: '#/components/schemas/StoreRulesetItem' StoreRulesetItem: type: object description: A rule repository ruleset. required: - id - type_ident - note - open_flag - creator_account_id - creator_id - creator_name - created_at - updated_at properties: id: type: integer format: uint64 description: Ruleset ID. type_ident: type: string description: Datasource type identifier this ruleset applies to. note: type: string description: Description or title of the ruleset. open_flag: type: integer enum: - 0 - 1 - 2 description: >- Sharing scope. `0` = private (creator only), `1` = account-shared, `2` = public. payload: type: string description: >- JSON string containing the alert rule definitions. Omitted in list responses. creator_account_id: type: integer format: uint64 description: Account ID of the creator. creator_id: type: integer format: uint64 description: Member ID of the creator. creator_name: type: string description: Display name of the creator. created_at: type: integer format: int64 description: Creation timestamp, Unix epoch seconds. updated_at: type: integer format: int64 description: Last update timestamp, Unix epoch seconds. ErrorResponse: type: object description: Response envelope for errors. `error` is required; `data` is absent. properties: request_id: type: string example: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4 error: $ref: '#/components/schemas/DutyError' required: - request_id - error DutyError: type: object description: >- Error payload inside the response envelope. Present only on non-2xx responses. properties: code: $ref: '#/components/schemas/ErrorCode' message: type: string description: >- Human-readable error message, localized by the caller's Accept-Language. May contain field names, IDs, or other context from the failing request. example: The specified parameter template_id is not valid. required: - code - message ErrorCode: type: string description: >- Flashduty error code enum. Every failed API response sets `error.code` to one of these stable wire strings. HTTP status is informational — the authoritative signal is the enum value. | Code | HTTP | Meaning | |---|---|---| | `OK` | 200 | Reserved — not returned on real errors. | | `InvalidParameter` | 400 | A required parameter is missing or failed validation. | | `BadRequest` | 400 | Generic 400 used when no more specific code fits. | | `InvalidContentType` | 400 | The `Content-Type` header is not `application/json`. | | `ResourceNotFound` | 400 | The referenced resource does not exist. Note: returned as HTTP 400, not 404 (historical choice). | | `NoLicense` | 400 | The feature is license-gated and no active license was found. | | `ReferenceExist` | 400 | Deletion blocked — other entities still reference this resource. | | `Unauthorized` | 401 | `app_key` is missing, invalid, or expired. | | `BalanceNotEnough` | 402 | Billing-gated operation with insufficient account balance. | | `AccessDenied` | 403 | Authenticated but lacking the permission required for this operation. | | `RouteNotFound` | 404 | The request URL path is not a known route. | | `MethodNotAllowed` | 405 | The HTTP method is not allowed on this otherwise-known path. | | `UndonedOrderExist` | 409 | An outstanding billing order blocks this new one. Wait and retry. | | `RequestLocked` | 423 | Operation temporarily locked due to repeated failures. | | `EntityTooLarge` | 413 | Request body exceeds the configured max size. | | `RequestTooFrequently` | 429 | Rate limit hit — API-global, per-account, or per-integration. | | `RequestVerifyRequired` | 428 | Second-factor verification required but not supplied. | | `DangerousOperation` | 428 | High-risk operation requires MFA verification. | | `InternalError` | 500 | Unhandled server-side error. Include `request_id` in the bug report. | | `ServiceUnavailable` | 503 | A backend dependency is unavailable. Try again later. | enum: - OK - InvalidParameter - BadRequest - InvalidContentType - ResourceNotFound - NoLicense - ReferenceExist - Unauthorized - BalanceNotEnough - AccessDenied - RouteNotFound - MethodNotAllowed - UndonedOrderExist - RequestLocked - EntityTooLarge - RequestTooFrequently - RequestVerifyRequired - DangerousOperation - InternalError - ServiceUnavailable x-enumDescriptions: OK: Reserved — not returned on real errors. InvalidParameter: A required parameter is missing or failed validation. BadRequest: Generic 400 used when no more specific code fits. InvalidContentType: The `Content-Type` header is not `application/json`. ResourceNotFound: >- The referenced resource does not exist. Note: returned as HTTP 400, not 404 (historical choice). NoLicense: The feature is license-gated and no active license was found. ReferenceExist: Deletion blocked — other entities still reference this resource. Unauthorized: '`app_key` is missing, invalid, or expired.' BalanceNotEnough: Billing-gated operation with insufficient account balance. AccessDenied: Authenticated but lacking the permission required for this operation. RouteNotFound: The request URL path is not a known route. MethodNotAllowed: The HTTP method is not allowed on this otherwise-known path. UndonedOrderExist: An outstanding billing order blocks this new one. Wait and retry. RequestLocked: Operation temporarily locked due to repeated failures. EntityTooLarge: Request body exceeds the configured max size. RequestTooFrequently: Rate limit hit — API-global, per-account, or per-integration. RequestVerifyRequired: Second-factor verification required but not supplied. DangerousOperation: High-risk operation requires MFA verification. InternalError: Unhandled server-side error. Include `request_id` in the bug report. ServiceUnavailable: A backend dependency is unavailable. Try again later. example: InvalidParameter responses: BadRequest: description: Invalid request — usually a missing or malformed parameter. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' examples: missingParameter: value: request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4 error: code: InvalidParameter message: The specified parameter is not valid. Unauthorized: description: Missing or invalid app_key. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' examples: missingAppKey: value: request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4 error: code: Unauthorized message: You are unauthorized. TooManyRequests: description: >- Rate limit hit. Either the global API limit, a per-account limit, or a per-integration limit. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' examples: rateLimited: value: request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4 error: code: RequestTooFrequently message: Request too frequently. ServerError: description: Unexpected server-side error. Include the request_id when reporting. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' examples: internal: value: request_id: 01HK8XQE3Z7JM2NTFQ5YJ8P9R4 error: code: InternalError message: >- We encountered an internal error, and it has been reported. Please try again later. securitySchemes: AppKeyAuth: type: apiKey in: query name: app_key description: >- App key issued from the Flashduty console under Account → APP Keys. Required on every public API call. Keep it secret — it grants the same access as the owning account. ````