API Troubleshooting Guide

← Back to Platform Architecture

API Troubleshooting Guide

HTTP Status Code Reference


Common Errors and Solutions

Error: 400 Bad Request — "Missing required field: narrative_content"

Cause: Appeal creation request missing narrative_content field. Solution:
  • Check request body structure
  • Ensure all required fields are present: denial_type, narrative_content, precedent_ids (optional)
  • Verify JSON is valid (no trailing commas, proper quotes)
  • Example (broken):
    POST /api/appeals
    {
      "denial_type": "FREQ_LIMIT"
    }
    Example (fixed):
    POST /api/appeals
    {
      "denial_type": "FREQ_LIMIT",
      "narrative_content": "Patient requires more intensive outpatient services to address treatment goals..."
    }
    Prevention: Always use endpoint examples from API reference as template; validate JSON before sending.

    Error: 401 Unauthorized — "Missing X-User-Id header"

    Cause: Request missing required X-User-Id header (or header invalid). Solution:
  • Add X-User-Id header to every request (except public /api/registries endpoints)
  • Verify user ID format (should be UUID)
  • Verify user ID is active (not archived)
  • Example (broken):
    curl https://api.stratumcollective.co/api/appeals
    Example (fixed):
    curl -H "X-User-Id: 3fc26b33-be13-4306-877a-c3b765cabe1d" \
      https://api.stratumcollective.co/api/appeals
    Prevention: Check Network tab in browser DevTools (inspect request headers) to verify X-User-Id is present on every request.

    Error: 402 Payment Required — "Insufficient credits. Balance: 5, Cost: 8, Shortfall: 3"

    Cause: Attempting to query marketplace clusters but user doesn't have enough credits. Credit cost is calculated as: 1 + (precedent_count / 10 × 0.5). Solution:
  • Check credit balance with GET /api/marketplace/profiles/:payer (returns credit_cost in response)
  • Allocate more credits (monthly allocation = 100)
  • Query smaller clusters (fewer precedents = lower cost)
  • Request admin to top up credits
  • Example cost table:
    CodeMeaningWhen It OccursAction
    200OKRequest succeeded, data returnedNo action needed
    201CreatedResource created successfully (appeal, cluster, etc.)Check Location header for new resource URL
    400Bad RequestInvalid input (missing field, wrong type, malformed JSON)Review request body structure; ensure all required fields present
    401UnauthorizedMissing or invalid X-User-Id headerAdd valid X-User-Id header to request
    402Payment RequiredInsufficient credits for marketplace queryAllocate more credits or query smaller clusters
    403ForbiddenUser role insufficient (not admin when required)Use non-destructive endpoints; request admin to perform operation
    404Not FoundResource doesn't exist or is soft-deleted (archived)Verify resource ID; check if resource was archived
    422Unprocessable EntityPHI validation failed; PII detected in requestRemove protected identifiers (SSN, phone, email, names)
    500Internal Server ErrorServer bug, unexpected errorInclude X-Request-ID in bug report; check server logs
    503Service UnavailableDatabase connection failed, service degradedCheck database connectivity; retry after 30 seconds
    cut -d: -f2sort
    uniq -c

    Show last 20 requests

    tail -20 /var/log/stratum-platform/api.log

    Performance Testing

    # Stress test endpoint (100 requests, 10 concurrent)
    ab -n 100 -c 10 https://api.stratumcollective.co/api/appeals
    
    

    Load test with different concurrency levels

    for concurrency in 1 5 10 20; do ab -n 100 -c $concurrency https://api.stratumcollective.co/api/appeals done

    Production Debugging

    When something is broken in production:
  • Check infrastructure status
  • [ ] Is database up? (SELECT 1)
  • [ ] Are servers up? (ping, SSH test)
  • [ ] Is network connectivity OK? (check DNS, routing)
  • Check application logs
  • [ ] Are 5xx errors spiking? (check error rate dashboard)
  • [ ] Search logs for errors related to recent change
  • [ ] Look for patterns (all endpoints broken vs. specific endpoint)
  • Check monitoring tools
  • [ ] Cloudflare dashboard (if using Cloudflare proxy) — check error rates, cache hit ratio
  • [ ] Application error tracking (Sentry, LogRocket) — see top errors
  • [ ] Database monitoring — check slow query log, long-running transactions
  • [ ] Infrastructure metrics — CPU, memory, disk, network (check with top, df, netstat)
  • Rollback or hotfix
  • [ ] If broken after recent deploy, consider rollback
  • [ ] If quick fix exists, deploy hotfix to main and trigger deploy workflow
  • [ ] Monitor error rate for 10 minutes after deploy
  • Incident communication
  • [ ] Post status update to #incidents Slack channel
  • [ ] Include: time started, impact (how many users), status (investigating/mitigating/resolved)
  • [ ] Post follow-up: what was root cause, what we'll do to prevent

  • Related Documentation

  • API Overview — System architecture, data model, core concepts
  • API Endpoints Reference — All endpoints, request/response examples
  • Authentication & Security — X-User-Id header, role-based access, HIPAA compliance
  • Monitoring Guide — Error rate dashboards, alerting rules, metrics definitions
  • Database Schema — Table definitions, relationships, indexes