§000 · Integration atlas

Plugs into the tools
you already run.

BlameTrail is built to sit in the middle of your existing stack, not replace it. We read your deploys, listen to your alerts, file into your Jira, and open PRs in your repos. Twenty-two connectors live today, another twenty honestly marked planned. If a tile below says "PLANNED," there's no code yet — we'd rather say that than paint a vaporware atlas.

§001 · Every connector
01

The wiring diagram.

Filter by category. Tiles marked LIVE map to real code you can wire up today. Tiles marked PLANNED are on the roadmap — email us if one of them is the difference.

Source · LIVE

GitHub

Deploy webhooks, commit + PR enrichment, AI-drafted revert and fix PRs. OAuth sign-in.

Read diffs · Write PRs
PLANNED

GitLab

Same shape as GitHub: deploy events, MR drafts, commit enrichment. Not started yet.

On the roadmap
PLANNED

Bitbucket

Cloud first, then Data Center. Parity with the GitHub connector.

On the roadmap
Chat · LIVE

Slack

Incident notifications via incoming webhook. Full Slack App with socket mode + slash commands (/bt ack, /bt resolve) is on the roadmap.

Webhook out
PLANNED

Microsoft Teams

Adaptive cards for incidents, channel-per-incident mode, approval flows for reverts.

On the roadmap
PLANNED

Discord

For OSS teams running incidents in public. Same commands as Slack, fewer compliance toggles.

On the roadmap
PLANNED

Mattermost

Self-hosted chat for regulated teams. Slash commands + webhook ingest.

On the roadmap
Obs · LIVE

Prometheus

Alertmanager webhook ingest, PromQL range queries pulled into incident recaps.

Alertmgr · Query API
Obs · LIVE

Loki

Log windows bracketed ±60s around each incident, pulled into AI recaps.

LogQL
Obs · LIVE

Datadog

Monitor-triggered incident ingest (with HMAC verification), metrics queries, APM trace enrichment.

Ingest · Query
Obs · LIVE

CloudWatch

AWS alarms via SNS, log groups via Logs API. IAM-role-scoped access with SSRF-hardened subscription confirmation.

SNS · Logs
Obs · LIVE

Grafana

Grafana Alerting webhook with bearer-token auth. Fingerprinted dedup, automatic resolution.

Webhook
Obs · LIVE

New Relic

Incident intelligence events + NRQL queries + APM trace enrichment.

Webhook · NRQL
Obs · LIVE

Sentry

Public Sentry app with OAuth 2.0, HMAC-verified webhooks, tag + stacktrace enrichment, OAuth-token refresh worker.

OAuth · Webhook
Traces · LIVE

Tempo

Grafana Tempo trace correlation — pull spans for the failing request by trace ID.

getTraceById
Traces · LIVE

Jaeger

Open-source distributed tracing. Trace lookup by ID, span rendering inside the incident.

Query API
Traces · LIVE

Honeycomb

Trace-level correlation via the Honeycomb API. BubbleUp excerpts in recaps coming next.

API key
Traces · LIVE

Elastic APM

APM server + Elasticsearch query for span retrieval.

Elasticsearch
Traces · LIVE

AWS X-Ray

IAM-role-scoped trace retrieval for AWS workloads.

GetTraceGraph
Traces · LIVE

Lightstep

Lightstep-compatible trace retrieval via their public API.

API key
Paging · LIVE

Twilio

SMS + voice (TwiML announce + DTMF ack). US/CA/UK at cost, other destinations +30% uplift.

Messaging · Voice
Paging · LIVE

VAPID push

Browser + mobile web push via RFC 8030/8291. No App Store required.

Web Push
PLANNED

PagerDuty

Bridge mode: forward alerts, mirror schedules, run both tools in parallel during migration.

On the roadmap
PLANNED

Opsgenie

Same bridge pattern as PagerDuty plus one-shot schedule import.

On the roadmap
Tickets · LIVE

Jira

OAuth 2.0 (3LO), bidirectional sync, dynamic webhook registration with auto-refresh, status + assignee mirroring.

Cloud · OAuth
PLANNED

Linear

Bidirectional sync, label mapping, automatic cycle assignment for incidents.

On the roadmap
PLANNED

Shortcut

Stories on incidents, epics on related postmortems.

On the roadmap
PLANNED

Zendesk

Auto-link customer tickets to the incident that's causing them.

On the roadmap
PLANNED

Intercom

Conversation-burst detection as a leading indicator for incidents.

On the roadmap
SSO · LIVE

WorkOS

SAML + SCIM broker for any IdP — Okta, Azure AD, Google Workspace, JumpCloud, OneLogin. Enterprise tier.

SAML · SCIM
SSO · LIVE

Google OAuth

Sign in with Google on every plan, including free.

OAuth
SSO · LIVE

GitHub OAuth

Sign in with GitHub on every plan, including free.

OAuth
PLANNED

Generic OIDC

Direct OIDC flow for IdPs WorkOS doesn't broker. Today, route through WorkOS.

On the roadmap
PLANNED

Audit SIEM export

Streaming the hash-chained audit log to Splunk, Panther, or syslog. Today we support CSV/NDJSON export only.

On the roadmap
CI/CD · LIVE

Generic deploy webhook

POST a deploy event from any CI — curl one line with a tenant-scoped dpl_* token. The one connector every other CI card below is built on.

HTTP POST
PLANNED

GitHub Actions

A maintained Action that records deploys and attaches workflow-run links. For now, call the webhook from a step directly.

On the roadmap
PLANNED

GitLab CI

A shareable pipeline component. Webhook works today.

On the roadmap
PLANNED

CircleCI

Official Orb for deploy events. Webhook works today.

On the roadmap
PLANNED

Jenkins

Plugin for classic + Blue Ocean. Webhook works today.

On the roadmap
PLANNED

Vercel

Native deploy-hook reception. Webhook works today.

On the roadmap
PLANNED

Netlify

Native deploy-hook reception. Webhook works today.

On the roadmap
PLANNED

Argo CD

GitOps-native deploy correlation for Kubernetes.

On the roadmap
§002 · Switching over
02

Getting data in today.

Two integration shapes cover most setups: an inbound deploy webhook for your CI, and provider-specific alert ingest tokens for Prometheus, Datadog, CloudWatch, Grafana, and Sentry.

A deploy event, from anywhere

Whatever ships to production should POST to BlameTrail. The generic deploy webhook accepts SHA, branch, author, and commit metadata. Tenant-scoped token, SHA-256 stored, rate limited.

  1. Register a serviceGet back a dpl_* token.
  2. Add one step to your pipelineA single cURL call with the SHA you just deployed. Works in GitHub Actions, GitLab CI, CircleCI, Jenkins, Vercel, Netlify, Argo CD, or a shell script.
  3. Correlation comes freeEvery future incident gets ranked against recent deploys. No additional wiring.
  4. Rotate anytimePOST /services/:id/deploy-webhook/rotate invalidates the previous secret.

An alert, from your observability stack

Point Prometheus Alertmanager, Datadog monitors, CloudWatch SNS, Grafana Alerting, or Sentry issues at our ingest endpoint. One token works across all of them.

  1. Mint an alert-ingest tokenSingle alt_* token, hashed at rest. Plan-gated (0/5/25).
  2. Wire the providerFour provider-specific endpoints (prometheus, datadog, cloudwatch, generic). Datadog HMAC + CloudWatch SSRF checks on by default.
  3. Dedupe + correlateEvery delivery is normalized into an alert group, deduped by fingerprint, and correlated to the right incident.
  4. Replay when neededPOST /api/alerts/deliveries/:id/replay re-enqueues a delivery for debugging without losing the original.
§003 · Bring your own
03

If we don't have it, the webhook does.

A single ingest endpoint with a stable schema, plus a REST + webhook API for everything else. cURL one in under a minute.

# POST an incident to the generic alert-ingest endpoint.
# Your tenant-scoped alt_* token is minted in the app and hashed
# at rest; the X-Idempotency-Key header makes retries safe.

curl -X POST https://blametrail.com/api/alerts/ingest/generic \
  -H "X-Alert-Token: $BT_ALERT_TOKEN" \
  -H "X-Idempotency-Key: checkout-latency-p99-2026-04-20" \
  -H "Content-Type: application/json" \
  -d '{
    "title":       "p99 latency spike on /checkout",
    "severity":    "sev2",
    "service":     "billing-api",
    "fingerprint": "checkout-latency-p99",
    "started_at":  "2026-04-20T00:47:12Z",
    "source":      "datadog",
    "links": [
      { "label": "dashboard", "url": "..." },
      { "label": "runbook",   "url": "..." }
    ]
  }'

# →  202 Accepted
{
  "delivery_id": "ad_01JXPQZ7X9M",
  "status":      "received"
}
# The normalization worker dedupes + correlates + auto-resolves.