Some Workflow Actions use an integration type called Workflow Integrations to connect to Incident Workflows. Workflow Integrations support authentication using API keys and/or OAuth, and are designed for incident response teams and administrators to securely and easily connect PagerDuty with external tools. This feature simplifies automation, enhances security, and streamlines Incident Workflows, enabling faster resolutions and improved efficiency.

Workflow Integrations are supported with the following tools:

• AWS
• Azure Functions
• Confluence
• Datadog
• GitHub
• Jeli
• Microsoft Entra ID (Azure AD)
• PagerDuty Runbook Automation
• Slack Bot Integration
• Web API

🚧

Required User Permissions

Users with the following base roles can add, update and delete Workflow Integration connections:

• Manager
• Admin
• Account Owner

Create a Workflow Integration

Workflow Integrations securely store connection credentials.

1. In the PagerDuty web app, navigate to Integrations Workflow Integrations.
2. Click Add Connection to the right of your preferred tool.

3. Expand the section below that corresponds to your preferred technology, and enter the requested information:

   1. AWS

      AWS

      Field Name	Description
      Connection Name	The name for the created connection
      Access Key ID	The associated access key ID
      Secret Access Key	The associated secret access key
      Role (optional)	Role to assume when using this connection. Can be a role ID or full ARN.
      Default Region	The default region to use when using this connection, e.g., us-east-1

   2. Azure Functions

      Azure Functions

      Field Name	Description
      Connection Name	The name to give the new connection
      API Key	The API Key for your Azure Function
      URL	The URL for the connection, e.g., https://<APP_NAME>.azurewebsites.net/api/<FUNCTION_NAME>

   3. Confluence

      Confluence

      1. After you select Add Connection, provide a Connection Name.
         • If you are using Confluence with the SRE Agent, select Allow SRE Agent Access. For more on configuring Confluence with the SRE Agent, please see Agent Tooling Configuration.
      2. Click Add. You will be taken to a page to connect PagerDuty with Confluence.
      3. Select the specific Confluence site to integrate.
      4. Click Accept.

   4. Datadog

      Datadog

      Field Name	Description
      Connection Name	The name for the created connection
      API Key	Your Datadog API key. Can be found in Datadog at Organization Settings Access API Keys
      Application Key	Your Datadog application key. Can be found in Datadog at Personal Settings Security Application Keys, or Organization Settings Access Application Keys
      Allow SRE Agent Access	If you are using Datadog with the SRE Agent, select Allow SRE Agent Access. For more on using Datadog with the SRE Agent, please see Agent Tooling Configuration .

   5. GitHub

      GitHub

      1. After you select Add Connection, provide a Connection Name and click Add. You will be taken to a page to connect PagerDuty with GitHub.
         • If you are using GitHub with the SRE Agent, select Allow SRE Agent Access. For more on configuring GitHub with the SRE Agent, please see Agent Tooling Configuration.
      2. Select the specific GitHub organizations to integrate.
      3. Click Authorize, then Continue.
      4. Review the details and then select Authorize pd-incident-workflows-integration

   6. Grafana

      Grafana

      Field Name	Description
      Connection Name	The name to give the new connection
      Default	Set this as the default connection for Grafana actions
      URL (Self-hosted or Cloud)	The URL of your Grafana instance
      Service Account Token	The Grafana service account token
      Allow SRE Agent Access	If you are using Grafana with the SRE Agent, select Allow SRE Agent Access. For more on using Grafana with the SRE Agent, please see Agent Tooling Configuration .

   7. Jeli

      Jeli

      Field Name	Description
      Connection Name	The name to give the new connection
      API Token	Enter your Jeli API token
      Username	The user who created the Jeli API token

   8. Microsoft Entra ID (Azure AD)

      Microsoft Entra ID (Azure AD)

      Field Name	Description
      Connection Name	The name to give the new connection

      You will be directed to Microsoft's login page. Follow the on-screen prompts to complete the Workflow Integration.

   9. PagerDuty Runbook Automation

      PagerDuty Runbook Automation

      Field Name	Description
      Connection Name	The name to give the new connection
      Subdomain	The subdomain for your runbook.pagerduty.cloud account
      Token	The API Token that will provide authentication
      Username	The user associated with the token

   10. Slack Bot Integration

       Slack Bot Integration

       Field Name	Description
       Connection Name	The name to give the new connection

       You will be directed to Slack's authentication page. Follow the on-screen prompts to complete the Workflow Integration.

   11. Web API

       Web API

       Field Name	Description
       Connection Name	Enter a name for the new connection
       Authentication Headers	Enter the headers to include in Web API calls made with this connection, one per line, e.g., Authorization: Bearer XXXX
       Allowed Hostnames	Enter the hostnames to allow sending these credentials to, one per line. An asterisk (*) may be used for subdomains, e.g., example.com, subdomain.example.com or *.example.com
       Health Check URL	Enter a URL to monitor the health of this connection
       Health Check Method	Select which HTTP method to use for the health check request, HEAD or GET

4. In the field Who can edit or select the connection, select All admins and global managers (default) or All admins, global managers team managers on specific teams. If you choose All admins, global managers team managers on specific teams, select one or more Teams from the Select teams dropdown.

📘

Permission Scope

This setting affects which users can edit the connection or select the connection when configuring actions in an Incident Workflow. This setting does not affect who can invoke an Incident Workflow; that setting is administered while creating or editing an Incident Workflow.

5. Click Add.

Delete a Workflow Integration

1. In the web app, navigate to Integrations Workflow Integrations.
2. Click the Integration Name (e.g., AWS, Azure Functions, etc.) that contains of the connection you'd like to delete.
3. To the right of the connection you'd like to delete, click Delete.
4. In the confirmation modal, click Delete. This action cannot be undone.

Use a Workflow Integration in Incident Workflows

Creating a Workflow Integration will allow you to use some tool-specific Incident Workflow Actions. Please read Incident Workflows for more information.