Troubleshooting Guide

Prev Next

This topic discusses the common issues that you may encounter while running API Security Testing on your application. From incomplete scan execution to API count disparity, each of the sections includes explanations and actionable fixes to help you troubleshoot quickly and effectively.


The scan appears incomplete, or the test execution percentage is lower than expected

Below is the list of common issues that may result in the above query, their cause, and resolution:

Aborted Scans
  • Cause — The scan may have been aborted manually from the Traceable platform or automatically due to a runner issue.

  • Resolution

    • Navigate to the respective scan, Tests tab, and check the Status column for the description. For more information, see Scan Details.

    • Ensure that the runner instance is stable and has sufficient resources to execute the scan.

Scan Timeout
  • Cause — The scan has a high number of tests, but the Scan Timeout specified during creation is insufficient. As a result, not all tests are executed.

  • Resolution — Modify the Scan details to increase the Scan Timeout value. For more information, see Creating a Scan.

Unreachable APIs
  • Cause — Traceable evaluates tests within each scan as chains. If a test fails due to unreachable APIs, the dependent chain is skipped.

  • Resolution

    • Ensure that all API endpoints configured as part of the scan are reachable. To check this, navigate to TestingScans, select the respective scan, and the API Coverage tab for the respective scan.

    • Avoid using localhost or internal hosts in traces.

My scans are stuck in the Queued state

Below is the list of common issues that may result in the above query, their cause, and resolution:

All Runners are Busy
  • Cause — All the runners are busy executing scans.

  • Resolution — Allow the current scans to complete or add new runners to ensure uninterrupted scan execution without resource contention.

Idle Runners are not picking up the Scan
  • Cause

    • The runner may be inactive or migrated to a different host, causing a change in its runner ID, which is tied to the host signature.

    • The assigned runner is busy due to which the scan is pending. Idle runners do not pick up the scan unless explicitly selected during suite configuration.

  • Resolution — Complete the following steps:

    1. Navigate to TestingScans.

    2. Select the respective scan.

    3. In the page’s top right corner, click the Settings icon.

    4. Update the existing Schedule. For more information, see Creating a Scan.

    5. Click Select specific runners, and select a new one from the list of runners.

    6. At the page’s bottom right corner, click Update.

My scan shows 0 generated tests

The probable causes and resolutions may vary depending on the traffic type configured in your suite:

Traffic Type

Cause, Check, and Resolution

Live Traffic

  • Cause — No live traffic is available in the selected environment.

  • Check

    • Navigate to AnalyticsExplorer → Endpoint Traces tab, select the respective Environment, and check the traces for the past hour.

    • Navigate to TestingScans, select the respective scan, and check the API CoverageAPIs not Scanned tab to review the reason for skipped APIs and verify whether the APIs show the reason No past traffic found.

  • Resolution — Ensure that the respective environment is actively receiving API traffic.

Replay Traffic

  • Cause

    • Replay may have been disabled for the environment post-scan creation.

    • No replay APIs are stored.

    • No matching endpoints because of an added filter.

  • Check — Navigate to TestingEnvironment Config, and check whether replay is enabled and/or APIs are stored for the respective environment.

  • Resolution — Ensure that Replay is enabled for the respective environment.

DAST

  • Cause — APIs are unreachable, causing the scan to be aborted.

  • Check — Navigate to TestingScan, select the respective scan, and check the API Coverage tab for the respective scan.

  • Resolution — Ensure that all API endpoints configured as part of the scan are reachable.

  • Cause — Error in parsing the uploaded specification.

  • Check

    • Verify that the uploaded specification is valid and correctly formatted.

    • Navigate to the respective scan, Tests tab, and check the Status column for the description.

  • Resolution — Complete the following steps:

    1. Navigate to TestingScan.

    2. Select the respective scan.

    3. In the page’s top right corner, click the Settings icon.

    4. Reupload the Collection. For more information, see Creating a Scan.

    5. At the page’s bottom right corner, click Update.