xMatters

the xmatters connector enables automated interactions with the xmatters platform, facilitating incident management and communication processes xmatters is a digital service reliability platform that enables it, devops, and mim (major incident management) teams to automate and orchestrate tasks across their operations the xmatters turbine connector allows swimlane turbine users to integrate with xmatters, enabling automated incident response, device management, and event handling by leveraging this connector, users can streamline their security operations, reduce response times, and ensure consistent execution of incident management procedures limitations none to date supported versions this xmatters connector uses the version 1 api additional docs xmatters authentication link https //help xmatters com/xmapi/#authenticationxmatters roles and permissions link https //help xmatters com/xmapi/#roles and permissionsxmatters api documentation link https //help xmatters com/xmapi/#xmatters rest api configuration prerequisites to effectively utilize the xmatters connector for swimlane turbine, ensure you have the following prerequisites http basic authentication with these parameters url the endpoint url for the xmatters api username your xmatters account username password your xmatters account password oauth2 password credentials with these parameters url the endpoint url for the xmatters api username your xmatters account username password your xmatters account password client id the client identifier as registered in your xmatters oauth2 setup authentication methods http basic authentication url the endpoint url for the xmatters api username your xmatters username with sufficient permissions password the password associated with your xmatters account oauth2 password credentials with the following parameters url the endpoint url for the xmatters api username your xmatters username with sufficient permissions password the password associated with your xmatters account client id the client identifier as registered in xmatters for oauth authentication capabilities this xmatters connector provides the following capabilities get a device get an event get an incident by incident id get an incident by incident identifier get devices get events get incidents modify an incident trigger an event get a device returns information about a device in a device object xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#get a device get an event returns information about an event xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#get an event get an incident by incident id returns a specific incident in your xmatters instance by uuid you must have sufficient permissions to view the incident if you did not create it xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#get an incident get an incident by incident identifier returns a specific incident in your xmatters instance by incident identifier you must have sufficient permissions to view the incident if you did not create it xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#get an incident get devices returns all devices in a system users must have roles that give sufficient permission to view or edit data if devices are marked as "privileged" by a company supervisor, and you don't have the appropriate permissions, you will see asterisks in of phone numbers, email addresses, and country information xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#get devices get events returns a list of events xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#get events get incidents returns a list of incidents in your xmatters instance you can use the query parameters to limit your search by the requestid, status, or severity of an incident, or search for a particular keyword in the summary, description, or incident identifier the incidents returned in the results are based on your permission level xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#get incidents modify an incident updates an existing incident in xmatters to find the id of an incident, use get incidents xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#modify an incident trigger an event to trigger a form from a shell script, create an inbound integration and trigger it by sending a post request to the inbound integration url xmatters's documentation for this action can be found here https //help xmatters com/xmapi/#trigger an event configurations xmatters http basic authentication authenticates using username and password configuration parameters parameter description type required url a url to the target host string required username username string required password password string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional xmatters oauth 2 0 password grant authenticates using oauth 2 0 client credentials configuration parameters parameter description type required url a url to the target host string required oauth2 username the name of the user that is used to authenticate requests string required oauth2 password the password of the user that is used to authenticate requests string required client id the client id you can locate your client id in the web user interface by opening the workflows menu and selecting oauth string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions get a device retrieve details for a specific device in xmatters by providing the required deviceid endpoint url /api/xm/1/devices/{{deviceid}} method get input argument name type required description deviceid string required the unique identifier or target name of the device to retrieve the target name of a device is the user name, followed by the (pipe) character, followed by the device name embed string optional use ?embed=timeframes to include the timeframes that each device is scheduled to receive notifications output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier name string name of the resource emailaddress string output field emailaddress targetname string name of the resource devicetype string type of the resource description string output field description teststatus string status value externallyowned boolean output field externallyowned defaultdevice boolean output field defaultdevice prioritythreshold string output field prioritythreshold sequence number output field sequence delay number output field delay timeframes object output field timeframes count number count value total number output field total data array response data name string name of the resource starttime string time value timezone string output field timezone durationinminutes number output field durationinminutes excludeholidays boolean unique identifier days array output field days links object output field links example \[ { "status code" 200, "response headers" { "date" "tue, 15 oct 2024 09 21 33 gmt", "x trace" "1e325123 5b06 449c ce5c e4ab8c69c69d,d3fd9363 433e 4234 8c30 58b4ab817b2a", "vary" "origin,access control request method,access control request headers", "content type" "application/json", "x xss protection" "1; mode=block", "cache control" "no cache, no store, max age=0, must revalidate", "pragma" "no cache", "expires" "0", "x envoy upstream service time" "402", "server" "envoy", "strict transport security" "max age=31536000; includesubdomains; preload", "x robots tag" "noindex", "x frame options" "sameorigin", "x content type options" "nosniff", "via" "1 1 google" }, "reason" "ok", "json body" { "id" "254c95ee 4abe 47ea ae7c ae84fb4bee4f", "name" "work email", "emailaddress" "m mcbride\@xmatters com", "targetname" "mmcbride|work email", "devicetype" "email", "description" "m mcbride\@xmatters com", "teststatus" "tested", "externallyowned" false, "defaultdevice" true, "prioritythreshold" "low", "sequence" 2, "delay" 5, "timeframes" {}, "owner" {}, "links" {} } } ] get an event retrieve detailed information about a specific event in xmatters using the unique eventid provided endpoint url /api/xm/1/events/{{eventid}} method get input argument name type required description eventid string required the unique identifier or id of the event we recommend using the uuid, since the event id number might not always return results to find the id or uuid for an event, use get /events or locate the event uuid entry on the event’s properties screen in the web interface embed string optional a comma separated list of the properties to embed in the response targeted boolean optional used with ?embed=recipients if set to true, the response returns the directly targeted recipients if set to false (or omitted) the response returns the resolved recipients at string optional a date and time in utc format that represents the time in the past at which you want to view the state of the data in the system using the at query parameter tells the request to search historical data output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier plan object output field plan id string unique identifier name string name of the resource form object output field form id string unique identifier name string name of the resource eventid string unique identifier created string output field created terminated string output field terminated status string status value priority string output field priority incident string unique identifier expirationinminutes number output field expirationinminutes overridedevicerestrictions boolean unique identifier bypassphoneintro boolean output field bypassphoneintro requirephonepassword boolean output field requirephonepassword attachments array output field attachments voicemailoptions object output field voicemailoptions retry number output field retry every number output field every leave string output field leave floodcontrol boolean output field floodcontrol example \[ { "status code" 200, "response headers" { "content type" "application/json", "date" "thu, 01 jan 2024 00 00 00 gmt" }, "reason" "ok", "json body" { "id" "12345678 1234 1234 1234 123456789abc", "plan" {}, "form" {}, "eventid" "string", "created" "2024 01 01t00 00 00z", "terminated" "string", "status" "active", "priority" "string", "incident" "string", "expirationinminutes" 123, "overridedevicerestrictions" true, "bypassphoneintro" true, "requirephonepassword" true, "attachments" \[], "voicemailoptions" {} } } ] get an incident by incident id retrieve a specific incident by its uuid in your xmatters instance, ensuring access aligns with user permissions endpoint url /api/xm/1/incidents/{{incidentid}} method get input argument name type required description incidentid string required the unique identifier (or uuid) of an incident in xmatters output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier incidentidentifier string unique identifier summary string output field summary description string output field description severity object output field severity name string name of the resource status object status value name string name of the resource initiatedby object output field initiatedby id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource licensetype string type of the resource recipienttype string type of the resource links object output field links self string output field self commander object output field commander id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource licensetype string type of the resource example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "mon, 10 jul 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "id" "ab1d6091 7d58 41e2 af72 49c69b3d9b65s", "incidentidentifier" "inc 14", "summary" "we are experiencing an issue with google compute engine in us east1 c and us eas ", "description" "existing vms may be unavailable or unreachable, and new vm creation may fail beg ", "severity" {}, "status" {}, "initiatedby" {}, "commander" {}, "createdat" "2021 04 05t04 51 48 275z", "updatedat" "2021 04 05t04 51 48 275z", "links" {} } } ] get an incident by incident identifier retrieve a specific incident in xmatters using the unique identifier, subject to user permissions endpoint url /api/xm/1/incidents/{{incidentidentifier}} method get input argument name type required description incidentidentifier string required the unique alpha numeric incident number the default identifier for incidents created by xmatters is inc for example inc 145 output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier incidentidentifier string unique identifier summary string output field summary description string output field description severity object output field severity name string name of the resource status object status value name string name of the resource initiatedby object output field initiatedby id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource licensetype string type of the resource recipienttype string type of the resource links object output field links self string output field self commander object output field commander id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource licensetype string type of the resource example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "mon, 10 jul 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "id" "ab1d6091 7d58 41e2 af72 49c69b3d9b65s", "incidentidentifier" "inc 14", "summary" "we are experiencing an issue with google compute engine in us east1 c and us eas ", "description" "existing vms may be unavailable or unreachable, and new vm creation may fail beg ", "severity" {}, "status" {}, "initiatedby" {}, "commander" {}, "createdat" "2021 04 05t04 51 48 275z", "updatedat" "2021 04 05t04 51 48 275z", "links" {} } } ] get devices retrieves all devices within the xmatters system, respecting user permissions for data access endpoint url /api/xm/1/devices method get input argument name type required description embed string optional use ?embed=timeframes to include the timeframes that the devices are scheduled to receive notifications devicestatus string optional the status of the devices at the time of the request valid values are active, inactive devicetype string optional the type of device use one of the following values android push, apple push, email, fax, generic, text pager, text phone, voice, voice ivr devicenames string optional a comma separated list of device names returns a list of all devices with that device name phonenumberformat string optional return phone numbers in the specified format if this value is not included, phone numbers are returned in e 164 format valid values are e164 e 164 standard format country code formatted with spaces offset number optional the number of items to skip before returning results limit number optional the number of items to return output parameter type description status code number http status code of the response reason string response reason phrase count number count value total number output field total data array response data id string unique identifier name string name of the resource phonenumber string output field phonenumber targetname string name of the resource devicetype string type of the resource description string output field description teststatus string status value externallyowned boolean output field externallyowned defaultdevice boolean output field defaultdevice prioritythreshold string output field prioritythreshold sequence number output field sequence delay number output field delay owner object output field owner id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource recipienttype string type of the resource links object output field links self string output field self example \[ { "status code" 200, "response headers" { "date" "tue, 15 oct 2024 09 21 33 gmt", "x trace" "1e325123 5b06 449c ce5c e4ab8c69c69d,d3fd9363 433e 4234 8c30 58b4ab817b2a", "vary" "origin,access control request method,access control request headers", "content type" "application/json", "x xss protection" "1; mode=block", "cache control" "no cache, no store, max age=0, must revalidate", "pragma" "no cache", "expires" "0", "x envoy upstream service time" "402", "server" "envoy", "strict transport security" "max age=31536000; includesubdomains; preload", "x robots tag" "noindex", "x frame options" "sameorigin", "x content type options" "nosniff", "via" "1 1 google" }, "reason" "ok", "json body" { "count" 100, "total" 4526, "data" \[], "links" {} } } ] get events retrieves a comprehensive list of events from xmatters, offering insights into incidents and alerts endpoint url /api/xm/1/events method get input argument name type required description at string optional a date and time in utc format using the at query parameter tells the request to search historical data can be used with either a timestamp, to and from, or after and before parameters embed string optional a comma separated list of the objects to embed in the response eventtype string optional the type of event to return in the results valid values are either user or system fields string optional defines the fields to search when a search term is specified the only valid value is name, which limits the search results to the content of the event's "name" property, which are email subjects (for user events) or system event type (for system events) form string optional the unique identifier (id) or name of the form that created the events you want to view when searching for multiple forms, use a comma separated list from string optional a date in utc format that represents the start of the time range you want to search all events created at or after the specified time range are displayed in the query results use with the to query parameter to return current system data to return historical data, you must also set the at parameter as described below incidentid string optional the unique identifier (inc 1234) or uuid (id) of a single incident in xmatters the response returns all events associated with the incident limit number optional the number of items to return offset number optional the number of items to skip before returning results plan string optional the unique identifier (id) or name of the communication plan or built in integration that created the events you want to view when searching for multiple plans, use a comma separated list priority string optional the priorities of events that you want to return in the search results searching by priority is an exact match search, however you can specify multiple values in a comma separated list priority=high,medium valid values are high, medium, low propertyname string optional the name of a form property this value is not case sensitive you can have multiple property names in a comma separated list propertyvalue string optional the value of a form property this value is not case sensitive you can have multiple property values in a comma separated list propertyvalueoperator string optional the operator used when performing exact searches for unique properties the propertyvalueoperator must be used in conjunction with propertyname and propertyvalue you must have a propertyvalueoperator for each propertyname and propertyvalue in a comma separated list valid values are contains, equals contains the search results must contain the value of the propertyvalue equals the search results must exactly match the value of the propertyvalue requestid string optional the unique identifier returned from a request to trigger an inbound integration searching by request id returns the event or events that were initiated when the inbound integration was triggered resolvedusers string optional the targetname or id of a user, or users who were notified of an event multiple target names or ids must be comma separated returns a pagination of events for all specified recipients search string optional a list of search terms separated by the + sign or a space character searches are case insensitive ("data" finds "data", "data", as well as "database") and must contain at least two characters when two or more search terms are present an "and" search is performed and the result includes events that match all search terms use the fields parameter to expand or limit search results sortby string optional the criteria for sorting the returned results use with the sortorder query parameter to specify whether the results should be sorted in ascending or descending order valid values are event id, start time, status, submitter, name, priority sortorder string optional specifies whether events are sorted in ascending or descending order this parameter must be used in conjunction with the sortby query parameter valid values are ascending, descending status string optional the status of events that you want to return in the search results valid values are active, suspended, terminated submitter string optional the unique identifier (id) or name (targetname) of the submitter targetedrecipients string optional the targetname or id of users, groups, devices, or dynamic teams that were targeted as part of the event multiple target names or ids must be comma separated based on your system's settings, targeted users may or may not receive notifications at the time of the event to string optional a date in utc format that represents the end of the time range you want to search all events created at or before the specified time range are displayed in the query results use this with the from query parameter output parameter type description status code number http status code of the response reason string response reason phrase count number count value total number output field total data array response data id string unique identifier name string name of the resource eventtype string type of the resource plan object output field plan id string unique identifier name string name of the resource form object output field form id string unique identifier name string name of the resource floodcontrol boolean output field floodcontrol submitter object output field submitter id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource recipienttype string type of the resource links object output field links self string output field self priority string output field priority incident string unique identifier example \[ { "status code" 200, "response headers" { "date" "mon, 14 oct 2024 13 14 03 gmt", "x trace" "ef474a4f 3534 6766 cda0 f17c7110ec80,193e957b 790c 43ea 9402 d41d5e749cec", "vary" "origin,access control request method,access control request headers", "content type" "application/json", "x xss protection" "1; mode=block", "cache control" "no cache, no store, max age=0, must revalidate", "pragma" "no cache", "expires" "0", "x envoy upstream service time" "101", "server" "envoy", "strict transport security" "max age=31536000; includesubdomains; preload", "x robots tag" "noindex", "x frame options" "sameorigin", "x content type options" "nosniff", "via" "1 1 google" }, "reason" "ok", "json body" { "count" 1, "total" 1, "data" \[], "links" {} } } ] get incidents retrieve a filtered list of incidents from xmatters based on requestid, status, severity, or keywords in summary and description endpoint url /api/xm/1/incidents method get input argument name type required description impactedservices string optional a comma separated list of services you can specify the service either by its target name, or unique identifier any spaces or special characters in the service name must be url encoded when impactedservices is included in a request, the response returns incidents that contain any of the services as impacted services requestid string optional the unique identifier returned from a request to trigger an incident searching by requestid returns the incident that was initiated when the trigger fired resolver group string optional the target name or unique identifier of a single group in your xmatters instance any spaces or special characters in the group name must be url encoded when resolver group is included in the request, the response returns only incidents where the specified group is a resolver search string optional a list of search terms separated by the + sign or a space character the search looks for the term anywhere in the incident summary, description, or incident identifier searches are case insensitive ("alert" finds "alert", "alert", as well as "alerting") and must contain at least two characters when two or more search terms are present, the result includes incidents that match either search term use the operand and fields query parameters to expand or limit search results operand string optional the operand to use to limit or expand the search query parameter and or or and only returns incidents that have all search terms in the summary or description or returns incidents that have any of the search terms in the summary or description; this is the default if you don’t specify an operand the operand is case sensitive; for example, lowercase ‘and’ returns an error fields string optional defines the field to search when a search term is specified valid values are summary the title of the incident, description the description of the incident, incident identifier the unique alpha numeric incident number the default identifier for incidents created by xmatters is inc for example inc 145 status string optional the status of the incident at the time of the request to search for multiple values, use a comma separated list valid values are open, in progress, mitigated, resolved, rejected severity string optional the severity of the incident at the time of the request to search for multiple values, use a comma separated list valid values are critical, high, medium, low, minimal output parameter type description status code number http status code of the response reason string response reason phrase count number count value total number output field total data array response data id string unique identifier incidentidentifier string unique identifier summary string output field summary description string output field description severity object output field severity name string name of the resource status object status value name string name of the resource initiatedby object output field initiatedby id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource licensetype string type of the resource recipienttype string type of the resource links object output field links self string output field self commander object output field commander id string unique identifier targetname string name of the resource example \[ { "status code" 200, "response headers" { "date" "mon, 14 oct 2024 06 22 34 gmt", "x trace" "d7161258 0099 ec38 26e5 6e9d7a520fd6,f286580b 40b8 493c 9739 6828d6d8c5d0", "vary" "origin,access control request method,access control request headers", "content type" "application/json", "x xss protection" "1; mode=block", "cache control" "no cache, no store, max age=0, must revalidate", "pragma" "no cache", "expires" "0", "x envoy upstream service time" "127", "server" "envoy", "strict transport security" "max age=31536000; includesubdomains; preload", "x robots tag" "noindex", "x frame options" "sameorigin", "x content type options" "nosniff", "via" "1 1 google" }, "reason" "ok", "json body" { "count" 1, "total" 1, "data" \[], "links" {} } } ] modify an incident updates an existing incident in xmatters with the specified details provided in the json body retrieve incident ids using 'get incidents' endpoint url /api/xm/1/incidents method post input argument name type required description id string optional the unique identifier (id) of the incident incidentidentifier string optional the unique alpha numeric incident number used to look up the incident summary string optional the high level summary of the incident description string optional the concise description of the incident that provides users with additional information severity string optional the initial severity of the incident if one is not provided during incident creation, the default severity of medium is used the available options are not case sensitive critical, high, medium, low, minimal status string optional the initial status of the incident if one is not provided during incident creation, the default status of open is used the available options are not case sensitive open, in progress, mitigated, resolved, rejected output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier incidentidentifier string unique identifier summary string output field summary description string output field description severity object output field severity name string name of the resource status object status value name string name of the resource initiatedby object output field initiatedby id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource licensetype string type of the resource recipienttype string type of the resource links object output field links self string output field self commander object output field commander id string unique identifier targetname string name of the resource firstname string name of the resource lastname string name of the resource licensetype string type of the resource example \[ { "status code" 200, "response headers" { "date" "tue, 15 oct 2024 10 07 01 gmt", "x trace" "aa83eafb 424c e3ed a252 bf11c5887313,3aa12321 9fdc 4fe9 badd 05c6367a82b1", "vary" "origin,access control request method,access control request headers", "content type" "application/json", "x xss protection" "1; mode=block", "cache control" "no cache, no store, max age=0, must revalidate", "pragma" "no cache", "expires" "0", "x envoy upstream service time" "310", "server" "envoy", "strict transport security" "max age=31536000; includesubdomains; preload", "x robots tag" "noindex", "x frame options" "sameorigin", "x content type options" "nosniff", "via" "1 1 google" }, "reason" "ok", "json body" { "id" "ab1d6091 7d58 41e2 af72 49c69b3d9b65s", "incidentidentifier" "inc 14", "summary" "we are experiencing an issue with google compute engine in us east1 c and us eas ", "description" "existing vms may be unavailable or unreachable, and new vm creation may fail beg ", "severity" {}, "status" {}, "initiatedby" {}, "commander" {}, "createdat" "2021 04 05t04 51 48 275z", "updatedat" "2021 04 05t04 51 48 275z", "links" {} } } ] trigger an event initiate an xmatters event via a post request to the inbound integration url, requiring an 'id' as a path parameter endpoint url /api/integration/1/functions/{{id}}/triggers method post input argument name type required description id string required unique identifier recipients array optional parameter for trigger an event id string optional unique identifier recipienttype string optional type of the resource responsecountthreshold number optional parameter for trigger an event otherresponsecountthreshold number optional number of responses required from the "other recipients" group if response counts are used priority string optional the priority of the event valid values low, medium, high expirationinminutes number optional duration of the event in minutes overridedevicerestrictions boolean optional if true, notifies users on any device at any time, ignoring device timeframes and delays escalationoverride boolean optional if true, ignores shift escalation delays and broadcasts to all recipients immediately bypassphoneintro boolean optional if true, omits the standard voice greeting and plays the message immediately requirephonepassword boolean optional if true, recipients must enter their phone password before a voice notification is played attachments array optional list of file paths to attachments uploaded to xmatters temporary storage path string optional parameter for trigger an event voicemailoptions object optional options for retrying calls or leaving a voicemail for voice notifications retry number optional parameter for trigger an event output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier plan object output field plan id string unique identifier name string name of the resource form object output field form id string unique identifier name string name of the resource eventid string unique identifier created string output field created terminated string output field terminated status string status value priority string output field priority incident string unique identifier expirationinminutes number output field expirationinminutes overridedevicerestrictions boolean unique identifier bypassphoneintro boolean output field bypassphoneintro requirephonepassword boolean output field requirephonepassword attachments array output field attachments voicemailoptions object output field voicemailoptions retry number output field retry every number output field every leave string output field leave floodcontrol boolean output field floodcontrol example \[ { "status code" 200, "response headers" { "content type" "application/json", "date" "thu, 01 jan 2024 00 00 00 gmt" }, "reason" "ok", "json body" { "id" "12345678 1234 1234 1234 123456789abc", "plan" {}, "form" {}, "eventid" "string", "created" "2024 01 01t00 00 00z", "terminated" "string", "status" "active", "priority" "string", "incident" "string", "expirationinminutes" 123, "overridedevicerestrictions" true, "bypassphoneintro" true, "requirephonepassword" true, "attachments" \[], "voicemailoptions" {} } } ] response headers header description example alt svc http response header alt svc h3=" 443 "; ma=2592000,h3 29=" 443 "; ma=2592000 cache control directives for caching mechanisms no cache, no store, max age=0, must revalidate content length the length of the response body in bytes 140 content type the media type of the resource application/json date the date and time at which the message was originated tue, 15 oct 2024 09 21 33 gmt expires the date/time after which the response is considered stale 0 pragma http response header pragma no cache server information about the software used by the origin server envoy strict transport security http response header strict transport security max age=31536000; includesubdomains; preload transfer encoding http response header transfer encoding chunked vary http response header vary origin,access control request method,access control request headers via http response header via 1 1 google x content type options http response header x content type options nosniff x envoy upstream service time http response header x envoy upstream service time 127 x frame options http response header x frame options sameorigin x robots tag http response header x robots tag noindex x trace http response header x trace d7161258 0099 ec38 26e5 6e9d7a520fd6,f286580b 40b8 493c 9739 6828d6d8c5d0 x xss protection http response header x xss protection 1; mode=block