Use the endpoint "/incident" with POST data. There are some details that are worth going through though:
- The POST data must contain all the investigation data. If you do not provide the field data for a specific field, it will be wiped from the investigation.
- You must match up the "version" at which the current incident is at.
To satisfy the above, the easiest method would be:
- Use the "/investigation/<incident-id>" in a POST request to obtain the latest information of the investigation
- This requires the headers to include the API token in the "Authorization" key and "Content-Type" to be "application/json"
- This will return a JSON of the current state of the investigation. You make changes to this JSON data.
- Send the changed JSON data back using the POST method to the "/incident" endpoint
- Use the modified JSON in the payload
- Headers are the same as the previous POST request
The result should be instant.
The reasoning behind the "version" match is that changes should be made to latest version of the incident to prevent race-conditions. If you specify a version number that is not the latest (i.e. someone else made a change just before you did) then the call will fail with the error:
"title": "Optimistic lock error",
"detail": "Optimistic lock error",
"error": "DB Version '4' and Insert version '10' do not match for id: 97 on bucket  [incidents] (15)",
The DB version will show which version you sent the change for and the version that the incident is currently at.
I hope this helps.