Create a case

🚧

The unit21_id field is being deprecated for Entities, Events, and Instruments after September 30, 2023. Requests that use unit21_id for entity_ids and event_ids for this endpoint will fail. entity_id and event_id should be used instead. More information.

Creates a new case, sending case data in the request body.
To create a case, you MUST include the following fields: case_id, title, and created_at. The other top-level fields are optional.

If we receive a request to create a case for an case_id that already exists in our system, we will respond with a 409 error code indicating that this case cannot be created/updated. You must use the /case/update endpoint to update a case.

You can add the following objects to a case:

FieldTypeDescription
alertsArray[]Alerts that are associated with this case. Consists of alert_ids
eventsArray[]Transactions affiliated with the case. Consists of event_ids
entitiesArray[]Entities affiliated with the case. Consists of entity_ids

Updates to a cases's case_id are not allowed.

Follow the links for more information:

The response will consist of the following fields:

FieldTypeDescription
case_idStringUnique identifier of the case on your platform
previously_existedBooleanIf case (with the same case_id) already exists
Language
Authorization
Header
URL
Click Try It! to start a request and see the response here!