This topic discusses the common issues that you may encounter while running API Security Testing on your application. From incomplete scan execution to API count disparity, each of the sections includes explanations and actionable fixes to help you troubleshoot quickly and effectively.
The scan appears incomplete, or the test execution percentage is lower than expected
Below is the list of common issues that may result in the above query, their cause, and resolution:
Aborted Scans
Cause — The scan may have been aborted manually from the Traceable platform or automatically due to a runner issue.
Resolution —
Navigate to the respective scan, Tests tab, and check the Status column for the description. For more information, see Scan Details.
Ensure that the runner instance is stable and has sufficient resources to execute the scan.
Scan Timeout
Cause — The scan has a high number of tests, but the Scan Timeout specified during creation is insufficient. As a result, not all tests are executed.
Resolution — Modify the Scan details to increase the Scan Timeout value. For more information, see Creating a Scan.
Unreachable APIs
Cause — Traceable evaluates tests within each scan as chains. If a test fails due to unreachable APIs, the dependent chain is skipped.
Resolution —
Ensure that all API endpoints configured as part of the scan are reachable. To check this, navigate to Testing → Scans, select the respective scan, and the API Coverage tab for the respective scan.
Avoid using
localhost
or internal hosts in traces.
My scans are stuck in the Queued state
Below is the list of common issues that may result in the above query, their cause, and resolution:
All Runners are Busy
Cause — All the runners are busy executing scans.
Resolution — Allow the current scans to complete or add new runners to ensure uninterrupted scan execution without resource contention.
Idle Runners are not picking up the Scan
Cause —
The runner may be inactive or migrated to a different host, causing a change in its runner ID, which is tied to the host signature.
The assigned runner is busy due to which the scan is pending. Idle runners do not pick up the scan unless explicitly selected during suite configuration.
Resolution — Complete the following steps:
Navigate to Testing → Scans.
Select the respective scan.
In the page’s top right corner, click the Settings icon.
Update the existing Schedule. For more information, see Creating a Scan.
Click Select specific runners, and select a new one from the list of runners.
At the page’s bottom right corner, click Update.
My scan shows 0 generated tests
The probable causes and resolutions may vary depending on the traffic type configured in your suite:
Traffic Type | Cause, Check, and Resolution |
---|---|
Live Traffic |
|
Replay Traffic |
|
DAST |
|
|