Error Codes Reference

Auto-generated

This page is auto-generated by scanning backend/src/routes/*.ts for error responses. Do not edit manually.

953 error responses found across 39 route files.

Client Errors (4xx)

Status	Message	Route File	Endpoint
`400`	Invalid permissions. Allowed:	`admin.routes.ts`	`POST /roles`
`400`	Cannot rename system role	`admin.routes.ts`	`PATCH /roles/:id`
`400`	Invalid permissions	`admin.routes.ts`	`PATCH /roles/:id`
`400`	Cannot delete system role	`admin.routes.ts`	`DELETE /roles/:id`
`400`	Validation failed	`admin.routes.ts`	`POST /users`
`400`	Password must be at least 8 characters	`admin.routes.ts`	`POST /users/:id/reset-password`
`400`	Password must contain at least one uppercase letter	`admin.routes.ts`	`POST /users/:id/reset-password`
`400`	Password must contain at least one lowercase letter	`admin.routes.ts`	`POST /users/:id/reset-password`
`400`	Password must contain at least one number	`admin.routes.ts`	`POST /users/:id/reset-password`
`400`	Use the profile page to change your own password	`admin.routes.ts`	`POST /users/:id/reset-password`
`400`	Cannot delete your own account	`admin.routes.ts`	`DELETE /users/:id`
`400`	Start and end dates required	`admin.routes.ts`	`POST /archives`
`400`	Invalid archive ID	`admin.routes.ts`	`POST /archives/:id/restore`
`400`	Invalid interval. Must be at least 1 hour.	`admin.routes.ts`	`PUT /sync/config`
`400`	Status must be	`admin.routes.ts`	`POST /quarantine/:id/resolve`
`400`	Safety confirmation required	`admin.routes.ts`	`POST /diary/purge-seeds`
`400`	Invalid endDate format	`admin.routes.ts`	`POST /stats/recalculate`
`400`	Invalid startDate format	`admin.routes.ts`	`POST /stats/recalculate`
`400`	Invalid scan ID. Must be a positive integer.	`admin.routes.ts`	`GET /scan-history/scans/:scanId/history`
`400`	At least one scan must be selected	`admin.routes.ts`	`POST /scan-history/import`
`400`	Invalid scanId: ${scan.scanId}. Must be a positive integer.	`admin.routes.ts`	`POST /scan-history/import`
`400`	historyIds for scan ${scan.scanId} must be an array	`admin.routes.ts`	`POST /scan-history/import`
`400`	Invalid dateRangeStart format	`admin.routes.ts`	`POST /scan-history/import`
`400`	Invalid dateRangeEnd format	`admin.routes.ts`	`POST /scan-history/import`
`400`	Cannot cancel job with status: ${job.status}	`admin.routes.ts`	`POST /scan-history/jobs/:jobId/cancel`
`400`	Cannot retry a job that is still in progress	`admin.routes.ts`	`POST /scan-history/jobs/:jobId/retry-failed`
`400`	No failed runs to retry	`admin.routes.ts`	`POST /scan-history/jobs/:jobId/retry-failed`
`400`	type and data are required	`agent.routes.ts`	`POST /ingest`
`400`	Invalid ingest type: ${type}	`agent.routes.ts`	`POST /ingest`
`400`	data must be an array	`agent.routes.ts`	`POST /ingest`
`400`	Batch size ${data.length} exceeds maximum of ${MAX_BATCH_SIZE} items	`agent.routes.ts`	`POST /ingest`
`400`	Individual item exceeds maximum size of 32KB	`agent.routes.ts`	`POST /ingest`
`400`	Invalid provider ID	`ai.routes.ts`	`GET /providers/:id`
`400`	(dynamic message)	`ai.routes.ts`	`POST /providers/:id/test-connection`
`400`	No server URL configured. Enter a URL first.	`ai.routes.ts`	`POST /providers/:id/models`
`400`	No API key configured	`ai.routes.ts`	`POST /providers/:id/models`
`400`	Unsupported provider type: ${providerType}	`ai.routes.ts`	`POST /providers/:id/models`
`400`	Missing required fields: name, providerType, apiEndpoint	`ai.routes.ts`	`POST /user-providers`
`400`	Invalid modelId: must contain only alphanumeric characters, hyphens, dots, colons, slashes, or underscores (max 200 char	`ai.routes.ts`	`POST /user-providers`
`400`	No server URL configured	`ai.routes.ts`	`POST /user-providers/:id/models`
`400`	Missing required fields: feature, variables	`ai.routes.ts`	`POST /execute`
`400`	Invalid feature. Must be one of: ${validFeatures.join(	`ai.routes.ts`	`POST /execute`
`400`	Missing required fields: feature, instanceKey	`ai.routes.ts`	`POST /execute-for-vuln`
`400`	Invalid feature for vulnerability. Must be one of: ${validFeatures.join(	`ai.routes.ts`	`POST /execute-for-vuln`
`400`	Missing required field: message	`ai.routes.ts`	`POST /chat`
`400`	Chat failed	`ai.routes.ts`	`POST /chat`
`400`	No data to export	`ai.routes.ts`	`GET /reports/download/:reportId`
`400`	Query parameter	`ai.routes.ts`	`GET /vulnerability-search`
`400`	Bad Request	`aiSecurity.routes.ts`	`/api/aiSecurity`
`400`	Bad Request	`anomaly.routes.ts`	`POST /detect`
`400`	Bad Request	`apiConfig.routes.ts`	`PUT /`
`400`	(dynamic message)	`apiConfig.routes.ts`	`POST /sync-now`
`400`	name and baseUrl are required	`appsec.routes.ts`	`/api/appsec`
`400`	baseUrl must be a valid URL	`appsec.routes.ts`	`/api/appsec`
`400`	content and format are required	`appsec.routes.ts`	`POST /targets/:id/upload-spec`
`400`	File too large. Max: ${maxSize / 1024 / 1024}MB	`appsec.routes.ts`	`POST /targets/:id/upload-spec`
`400`	targetId and name are required	`appsec.routes.ts`	`POST /test-cases/seed`
`400`	Target is	`appsec.routes.ts`	`POST /test-cases/seed`
`400`	encryptionConfig key is too short. AES-256 requires a 256-bit (32-byte) key. Provide a 64-char hex string or 44-char bas	`appsec.routes.ts`	`POST /test-cases/seed`
`400`	Cannot edit assessment in	`appsec.routes.ts`	`POST /test-cases/seed`
`400`	Provide at least a description, file, or URL	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	authType and authFields are required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	URL not allowed: ${urlCheck.error \|\|	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	loginEndpoint and baseUrl are required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	URL not allowed: ${(e as any).message \|\|	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Invalid JSON in loginPayloadTemplate	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Invalid approach. Must be blackbox, graybox, or whitebox.	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Assessment is	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Cannot pause assessment in	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Cannot resume assessment in	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	(dynamic message)	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	status must be one of: ${validStatuses.join(	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	name and authType are required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	authType must be one of: ${validTypes.join(	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	URL not allowed: ${check.error}	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	targetId is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	provider must be one of: ${validProviders.join(	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	failOnSeverity must be one of: ${validSeverities.join(	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	callbackUrl must be a valid URL	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Failed to trigger CI/CD scan	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	callbackUrl is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Invalid framework. Must be one of: ${validFrameworks.join(	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	status is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Failed to update finding status	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	redactEvidence must be a boolean	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	phase0.reviewGateTimeout must be 0-3600 seconds	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	phase0.questionTimeout must be 0-3600 seconds	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	phase0.totalPhase0Timeout must be 0-7200 seconds	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	phase0.enableVoiceInput must be a boolean	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	name, regexPattern, and category are required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Invalid regex: ${regexErr.message}	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	regexPattern and sampleText are required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	description is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	industries must be an array of industry IDs	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Invalid industry IDs: ${invalid.join(	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Unknown service	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	apiKey is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	API key too long	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	${fieldName} must be a valid number	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	CPU degraded threshold must be less than critical threshold	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Memory degraded threshold must be less than critical threshold	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Missing required Jira config: baseUrl, email, apiToken, projectKey	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Bad Request	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Missing required fields: targetId, dedupHash, findingTitle, findingSeverity, reason, expiryDays	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	action must be	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Review comment is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	additionalDays must be a positive number	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Invalid assessment ID	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	questionId must be a string ≤ 100 characters	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	answer must be a non-empty string ≤ 2000 characters	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	filename is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Invalid filename	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	Unsupported file type. Allowed: .json .yaml .yml .txt .md	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	content is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	name is required	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`400`	targetUrl is required	`appsecCiScan.routes.ts`	`POST /scan`
`400`	targetUrl must be a valid URL	`appsecCiScan.routes.ts`	`POST /scan`
`400`	(dynamic message)	`assetGroups.routes.ts`	`POST /`
`400`	Bad Request	`assetOwnership.routes.ts`	`GET /:assetUuid`
`400`	New password must be different from your current password	`auth.routes.ts`	`POST /change-password`
`400`	userId and newPassword are required	`auth.routes.ts`	`POST /admin/reset-password`
`400`	Password must be at least 8 characters	`auth.routes.ts`	`POST /admin/reset-password`
`400`	Password must contain at least one uppercase letter	`auth.routes.ts`	`POST /admin/reset-password`
`400`	Password must contain at least one lowercase letter	`auth.routes.ts`	`POST /admin/reset-password`
`400`	Password must contain at least one number	`auth.routes.ts`	`POST /admin/reset-password`
`400`	Validation Error	`auth.routes.ts`	`POST /mfa/validate`
`400`	MFA not enabled for user	`auth.routes.ts`	`POST /mfa/validate`
`400`	MFA setup not initiated. Please start setup first.	`auth.routes.ts`	`POST /mfa/verify`
`400`	Invalid code. Please try again.	`auth.routes.ts`	`POST /mfa/verify`
`400`	Bad Request	`auth.routes.ts`	`POST /refresh`
`400`	Validation error	`auth.routes.ts`	`POST /invite/accept`
`400`	Invalid token format	`auth.routes.ts`	`POST /invite/accept`
`400`	Token missing email claim	`auth.routes.ts`	`POST /invite/accept`
`400`	Failed to decode token	`auth.routes.ts`	`POST /invite/accept`
`400`	Invalid invite link	`auth.routes.ts`	`POST /invite/accept`
`400`	tenantId is required	`auth.routes.ts`	`POST /switch-tenant`
`400`	RESET_INVALID	`auth.routes.ts`	`POST /reset-password`
`400`	Invalid or expired reset token	`auth.routes.ts`	`POST /reset-password`
`400`	Reset token has expired	`auth.routes.ts`	`POST /reset-password`
`400`	Validation Error	`dashboard.routes.ts`	`POST /multi`
`400`	(dynamic message)	`dateExclusions.routes.ts`	`PUT /bulk`
`400`	Bad Request	`delta.routes.ts`	`/api/delta`
`400`	Bad Request	`export.routes.ts`	`POST /vulnerabilities/start`
`400`	Invalid startDate format	`export.routes.ts`	`GET /sync-logs`
`400`	Invalid endDate format	`export.routes.ts`	`GET /sync-logs`
`400`	name, url, and events (non-empty array) are required	`integration.routes.ts`	`POST /webhooks`
`400`	type, name, config, and events are required	`integration.routes.ts`	`POST /integrations`
`400`	Invalid type. Must be one of: ${INTEGRATION_TYPES.join(	`integration.routes.ts`	`POST /integrations`
`400`	Validation error	`internal.routes.ts`	`POST /provision-tenant`
`400`	Invalid schema name format	`internal.routes.ts`	`POST /provision-tenant`
`400`	Invalid request body	`internal.routes.ts`	`POST /update-tenant-status`
`400`	customerId (or slug) is required	`internal.routes.ts`	`POST /update-tenant-status`
`400`	Invalid slug format	`internal.routes.ts`	`GET /tenant-health/:slug`
`400`	customerId is required	`internal.routes.ts`	`GET /tenant-users/:customerId`
`400`	INVALID_CONFIRM_TOKEN	`internal.routes.ts`	`POST /deprovision-tenant`
`400`	Tenant must be deprovisioned before hard deletion	`internal.routes.ts`	`POST /hard-delete-tenant`
`400`	Retention period not yet expired	`internal.routes.ts`	`POST /hard-delete-tenant`
`400`	Bad Request	`license.routes.ts`	`POST /activate`
`400`	(dynamic message)	`license.routes.ts`	`POST /activate`
`400`	Bad Request	`notification.routes.ts`	`PUT /:id/read`
`400`	(dynamic message)	`osCategoryRules.routes.ts`	`POST /`
`400`	Bad Request	`proxy.routes.ts`	`POST /config-public`
`400`	Bad Request	`reconciliation.routes.ts`	`POST /compare`
`400`	name, reportType, and frequency are required	`reports.routes.ts`	`POST /scheduled`
`400`	Invalid frequency. Valid: ${validFrequencies.join(	`reports.routes.ts`	`POST /scheduled`
`400`	Invalid reportType. Valid: ${validTypes.join(	`reports.routes.ts`	`POST /scheduled`
`400`	dayOfWeek must be 0 (Sunday) through 6 (Saturday)	`reports.routes.ts`	`POST /scheduled`
`400`	dayOfMonth must be 1–31	`reports.routes.ts`	`POST /scheduled`
`400`	hour must be 0–23	`reports.routes.ts`	`POST /scheduled`
`400`	type or templateId is required	`reports.routes.ts`	`POST /generate`
`400`	(dynamic message)	`reports.routes.ts`	`POST /generate`
`400`	Bad Request	`savedFilters.routes.ts`	`GET /`
`400`	Bad Request	`sbom.routes.ts`	`POST /import`
`400`	name, slug, category, and scanType are required	`scan.routes.ts`	`POST /templates`
`400`	Invalid format. Supported: csv, json, html, executive, compliance	`scan.routes.ts`	`GET /runs/:runId/export`
`400`	scanId, frequency, and format are required	`scan.routes.ts`	`POST /reports/schedule`
`400`	Invalid frequency. Supported: ${validFrequencies.join(	`scan.routes.ts`	`POST /reports/schedule`
`400`	Invalid format. Supported: ${validFormats.join(	`scan.routes.ts`	`POST /reports/schedule`
`400`	recipients must be a non-empty array of email addresses	`scan.routes.ts`	`POST /reports/schedule`
`400`	All recipients must be valid email addresses	`scan.routes.ts`	`POST /reports/schedule`
`400`	Maximum 50 recipients allowed per scheduled report	`scan.routes.ts`	`POST /reports/schedule`
`400`	name is required	`scan.routes.ts`	`POST /`
`400`	targets array is required and must not be empty	`scan.routes.ts`	`POST /`
`400`	Maximum ${MAX_TARGETS_PER_SCAN} targets per scan	`scan.routes.ts`	`POST /`
`400`	scanPriority must be between 1 and 10	`scan.routes.ts`	`POST /`
`400`	maxConcurrentHosts must be between 1 and 100	`scan.routes.ts`	`POST /`
`400`	maxChecksPerHost must be between 1 and 50	`scan.routes.ts`	`POST /`
`400`	networkTimeoutMs must be between 1000 and 300000	`scan.routes.ts`	`POST /`
`400`	retryCount must be between 0 and 10	`scan.routes.ts`	`POST /`
`400`	bandwidthLimitKbps must be between 1 and 1000000, or null for unlimited	`scan.routes.ts`	`POST /`
`400`	Cannot move a folder into itself	`scan.routes.ts`	`PUT /folders/:id/move`
`400`	Cannot move a folder into one of its descendants	`scan.routes.ts`	`PUT /folders/:id/move`
`400`	scanId and type are required	`scan.routes.ts`	`POST /schedules`
`400`	name, startTime, and endTime are required	`scan.routes.ts`	`POST /blackout-windows`
`400`	Request body must be a custom check definition object	`scan.routes.ts`	`POST /policies/validate-check`
`400`	overrides object is required. Format: { [checkId]: { originalSeverity, newSeverity, justification } }	`scan.routes.ts`	`PUT /policies/:policyId/severity-overrides`
`400`	Validation failed	`scan.routes.ts`	`PUT /policies/:policyId/severity-overrides`
`400`	type must be	`scan.routes.ts`	`POST /target-groups`
`400`	targets array is required for static groups	`scan.routes.ts`	`POST /target-groups`
`400`	dynamicRules object is required for dynamic groups	`scan.routes.ts`	`POST /target-groups`
`400`	name, type, and config are required	`scan.routes.ts`	`POST /credentials`
`400`	Invalid credential type	`scan.routes.ts`	`POST /credentials`
`400`	targets must be a non-empty array	`scan.routes.ts`	`PUT /:id([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})`
`400`	scannerId is required	`scan.routes.ts`	`POST /external/trigger`
`400`	Unsupported scanner type: ${connector.adapterType}. Supported: tenable, qualys	`scan.routes.ts`	`POST /external/trigger`
`400`	targets is required and must be a non-empty array of strings	`scan.routes.ts`	`POST /recommend-template`
`400`	All targets must be strings	`scan.routes.ts`	`POST /recommend-template`
`400`	context.osHints must be an array of strings	`scan.routes.ts`	`POST /recommend-template`
`400`	context.ports must be an array of numbers	`scan.routes.ts`	`POST /recommend-template`
`400`	context.tags must be an array of strings	`scan.routes.ts`	`POST /recommend-template`
`400`	action is required	`scan.routes.ts`	`POST /bulk`
`400`	scanIds array is required and must not be empty	`scan.routes.ts`	`POST /bulk`
`400`	Invalid action. Supported: ${validActions.join(	`scan.routes.ts`	`POST /bulk`
`400`	Maximum 50 scans per bulk operation	`scan.routes.ts`	`POST /bulk`
`400`	verdict must be	`scan.routes.ts`	`POST /findings/:findingId/feedback`
`400`	Invalid groupBy value. Must be one of: ${validGroupBys.join(	`scan.routes.ts`	`GET /runs/:runId/clusters`
`400`	Invalid CVE ID format. Expected: CVE-YYYY-NNNNN	`scan.routes.ts`	`GET /patch-impact/:cveId`
`400`	Request body must contain a non-empty cveIds array	`scan.routes.ts`	`POST /patch-impact/bulk`
`400`	Maximum 100 CVEs per bulk request	`scan.routes.ts`	`POST /patch-impact/bulk`
`400`	Invalid CVE ID format: ${invalidCves.slice(0, 5).join(	`scan.routes.ts`	`POST /patch-impact/bulk`
`400`	name, excludeType, pattern, and reason are required	`scan.routes.ts`	`POST /exclusions`
`400`	Invalid excludeType. Supported: ${VALID_EXCLUDE_TYPES.join(	`scan.routes.ts`	`POST /exclusions`
`400`	(dynamic message)	`scan.routes.ts`	`POST /exclusions`
`400`	Invalid scope. Supported: ${VALID_EXCLUSION_SCOPES.join(	`scan.routes.ts`	`POST /exclusions`
`400`	scopeId is required when scope is	`scan.routes.ts`	`POST /exclusions`
`400`	steps must be an array with at least 2 entries	`scan.routes.ts`	`POST /chains`
`400`	Step ${i + 1}: scanId is required	`scan.routes.ts`	`POST /chains`
`400`	Step ${i + 1}: invalid triggerCondition. Supported: ${validConditions.join(	`scan.routes.ts`	`POST /chains`
`400`	Step ${i + 1}: delayMinutes must be between 0 and 1440	`scan.routes.ts`	`POST /chains`
`400`	Step ${i + 1}: scan ${step.scanId} not found	`scan.routes.ts`	`POST /chains`
`400`	Step ${i + 1}: invalid triggerCondition. Supported: ${validChainConditions.join(	`scan.routes.ts`	`PUT /chains/:id`
`400`	findingId and config.provider are required	`scan.routes.ts`	`POST /ticketing/finding`
`400`	findingIds must be a non-empty array	`scan.routes.ts`	`POST /ticketing/bulk`
`400`	config.provider is required	`scan.routes.ts`	`POST /ticketing/bulk`
`400`	Maximum 100 findings per bulk ticket operation	`scan.routes.ts`	`POST /ticketing/bulk`
`400`	url is required	`scan.routes.ts`	`POST /integrations/webhook/test`
`400`	Webhook URL rejected: ${urlCheck.error}	`scan.routes.ts`	`POST /integrations/webhook/test`
`400`	format must be one of: ${validFormats.join(	`scan.routes.ts`	`POST /integrations/webhook/config`
`400`	Maximum ${MAX_WEBHOOK_CONFIGS} webhook configs allowed	`scan.routes.ts`	`POST /integrations/webhook/config`
`400`	type must be one of: ${validTypes.join(	`scan.routes.ts`	`GET /integrations/config/:type`
`400`	No config found. Save configuration first.	`scan.routes.ts`	`POST /integrations/config/:type/test`
`400`	preferences must be an array of { notificationType, channel }	`scan.routes.ts`	`PUT /notification-preferences`
`400`	Request body must be an object with severity: days mappings	`scan.routes.ts`	`PUT /sla/config`
`400`	level must be one of: ${validLevels.join(	`scan.routes.ts`	`PUT /assets/:assetId/criticality`
`400`	type and to are required	`scan.routes.ts`	`POST /notifications/email/send`
`400`	Invalid type. Supported: ${validTypes.join(	`scan.routes.ts`	`POST /notifications/email/send`
`400`	scanName and summary are required for scan_complete type	`scan.routes.ts`	`POST /notifications/email/send`
`400`	finding object is required for critical_finding type	`scan.routes.ts`	`POST /notifications/email/send`
`400`	scanName and error are required for scan_failed type	`scan.routes.ts`	`POST /notifications/email/send`
`400`	Invalid format. Supported: cef, syslog	`scan.routes.ts`	`GET /integrations/siem/export/:runId`
`400`	status must be one of: ${validStatuses.join(	`scan.routes.ts`	`POST /findings/:findingId/status`
`400`	reason is required for status changes	`scan.routes.ts`	`POST /findings/:findingId/status`
`400`	Maximum 100 findings per batch	`scan.routes.ts`	`POST /findings/validate/batch`
`400`	scanConfigId is required and must be a string	`scan.routes.ts`	`POST /external/tenable/launch`
`400`	targets must be an array of strings if provided	`scan.routes.ts`	`POST /external/tenable/launch`
`400`	scanTitle is required and must be a string	`scan.routes.ts`	`POST /external/qualys/launch`
`400`	optionProfileId must be a string if provided	`scan.routes.ts`	`POST /external/qualys/launch`
`400`	scanId must be a string if provided	`scan.routes.ts`	`POST /weaver-score/recompute`
`400`	Name is required	`scanAgent.routes.ts`	`POST /enrollment-tokens`
`400`	targetUrl is required	`scanAgent.routes.ts`	`POST /:id/tasks`
`400`	(dynamic message)	`scanAgent.routes.ts`	`POST /:id/tasks`
`400`	x-agent-id and x-request-id headers are required	`scanner.routes.ts`	`/api/scanner`
`400`	x-agent-id and x-agent-cert headers required	`scanner.routes.ts`	`POST /gateway/verify-cert`
`400`	csrPem (public key or CSR in PEM format) is required	`scanner.routes.ts`	`POST /gateway/renew-cert`
`400`	version query param or x-agent-version header required	`scanner.routes.ts`	`GET /gateway/update-manifest`
`400`	events array is required and must not be empty	`scanner.routes.ts`	`POST /gateway/fim-events`
`400`	agentName is required and must be a string	`scanner.routes.ts`	`PATCH /agents/:id`
`400`	agentName must be 200 characters or less	`scanner.routes.ts`	`PATCH /agents/:id`
`400`	agentName must not contain HTML tags	`scanner.routes.ts`	`PATCH /agents/:id`
`400`	agentName contains disallowed characters or SQL keywords	`scanner.routes.ts`	`PATCH /agents/:id`
`400`	agentName must not be empty	`scanner.routes.ts`	`PATCH /agents/:id`
`400`	Confirmation required. Send {	`scanner.routes.ts`	`POST /agents/:id/decommission`
`400`	Cannot delete agent with status	`scanner.routes.ts`	`DELETE /agents/:id`
`400`	Agent is ${agent.status}, must be active to scan	`scanner.routes.ts`	`POST /agents/:id/scan`
`400`	sensorId is required	`scanner.routes.ts`	`POST /agents/:id/test-connectivity`
`400`	targetUrl is required	`scanner.routes.ts`	`POST /agents/:id/test-connectivity`
`400`	(dynamic message)	`scanner.routes.ts`	`POST /agents/:id/test-connectivity`
`400`	action must be	`scanner.routes.ts`	`PUT /intel/signatures/:id/review`
`400`	description is required for single CVE rule generation	`scanner.routes.ts`	`POST /ai-rules/generate`
`400`	Either cveId (with description) or cveIds array is required	`scanner.routes.ts`	`POST /ai-rules/generate`
`400`	reason is required when rejecting a rule	`scanner.routes.ts`	`POST /ai-rules/:id/reject`
`400`	signatureId, finding, and verdict are required	`scanner.routes.ts`	`POST /confidence/feedback`
`400`	serialNumber is required	`scanner.routes.ts`	`POST /mobile/mdm/enroll`
`400`	signingSecret is required	`scanner.routes.ts`	`POST /relays/:id/export`
`400`	bundle and signingSecret are required	`scanner.routes.ts`	`POST /relays/import`
`400`	relayId and signingSecret are required	`scanner.routes.ts`	`POST /relays/prepare-usb`
`400`	package and signingSecret are required	`scanner.routes.ts`	`POST /relays/import-usb`
`400`	routes array is required	`scanner.routes.ts`	`PUT /relays/:id/split-tunnel`
`400`	defaultRoute must be	`scanner.routes.ts`	`PUT /relays/:id/split-tunnel`
`400`	agentId is required	`scanner.routes.ts`	`POST /containers`
`400`	imageName is required	`scanner.routes.ts`	`POST /containers/admission-check`
`400`	Invalid AdmissionReview payload	`scanner.routes.ts`	`POST /containers/admission-webhook`
`400`	events must be an array	`scanner.routes.ts`	`POST /edr/events/batch`
`400`	Invalid CVE ID format	`scanner.routes.ts`	`GET /ai/zero-day/exposure/:cveId`
`400`	Dismiss reason is required	`scanner.routes.ts`	`POST /ai/zero-day/dismiss/:alertId`
`400`	resolution must be	`scanner.routes.ts`	`POST /ai/conflicts/:id/resolve`
`400`	Policy text is required	`scanner.routes.ts`	`POST /ai/policies`
`400`	framework is required	`scanner.routes.ts`	`POST /compliance/attestations/generate`
`400`	resolution must be one of: trust_weaverscan, trust_other, manual_review, accepted, merged, dismissed	`scanner.routes.ts`	`POST /conflicts/:id/resolve`
`400`	entries array is required and must not be empty	`scanner.routes.ts`	`POST /cmdb/import`
`400`	Each entry must have an assetId string	`scanner.routes.ts`	`POST /cmdb/import`
`400`	Entry ${entry.assetId}: criticality must be one of: ${validCriticalities.join(	`scanner.routes.ts`	`POST /cmdb/import`
`400`	agentId and events array are required	`scanner.routes.ts`	`POST /edr/fim-events`
`400`	Unknown engine: ${engine}	`scanner.routes.ts`	`POST /engine-providers/:engine/test`
`400`	Invalid engine. Must be one of: ${ENGINES.join(	`scanner.routes.ts`	`PUT /engine-providers/default`
`400`	credentials object required	`scanner.routes.ts`	`PUT /engine-providers/:engine/credentials`
`400`	entryPoint and targetAsset are required	`scanner.routes.ts`	`POST /ai/digital-twin/simulate`
`400`	Invalid ID format	`security.routes.ts`	`POST /blocked-ips/:id/unblock`
`400`	IP is already unblocked	`security.routes.ts`	`POST /blocked-ips/:id/unblock`
`400`	IP address is required	`security.routes.ts`	`POST /blocked-ips`
`400`	Invalid IP address or CIDR notation. Examples: 192.168.1.100, 10.0.0.0/24, 2001:db8::/32	`security.routes.ts`	`POST /blocked-ips`
`400`	Invalid reason. Must be one of: ${validBlockReasons.join(	`security.routes.ts`	`POST /blocked-ips`
`400`	Duration cannot exceed ${MAX_DURATION_HOURS} hours (1 year)	`security.routes.ts`	`POST /blocked-ips`
`400`	Invalid reason. Must be one of: ${validReasons.join(	`security.routes.ts`	`POST /whitelisted-ips`
`400`	Description must be a string under 500 characters	`security.routes.ts`	`POST /whitelisted-ips`
`400`	IP is already removed from whitelist	`security.routes.ts`	`POST /whitelisted-ips/:id/remove`
`400`	format must be json or csv	`security.routes.ts`	`GET /auth-logs/export`
`400`	bucket must be a string	`security.routes.ts`	`POST /auth-logs/export/s3`
`400`	region must be a string	`security.routes.ts`	`POST /auth-logs/export/s3`
`400`	prefix must be a string	`security.routes.ts`	`POST /auth-logs/export/s3`
`400`	(dynamic message)	`setup.routes.ts`	`POST /validate-license`
`400`	Bad Request	`sso.routes.ts`	`GET /status`
`400`	Validation Error	`sso.routes.ts`	`GET /status`
`400`	Invalid startDate format	`sync.routes.ts`	`POST /start`
`400`	Invalid endDate format	`sync.routes.ts`	`POST /start`
`400`	Invalid scope. Must be one of: ${VALID_SCOPES.join(	`sync.routes.ts`	`POST /start`
`400`	(dynamic message)	`sync.routes.ts`	`POST /start`
`400`	Invalid frequency. Must be between 1 and 24 hours.	`sync.routes.ts`	`PUT /frequency`
`400`	(dynamic message)	`tags.routes.ts`	`GET /tenable/assets`
`400`	Invalid value for flag	`vfp.routes.ts`	`PUT /feature-flags`
`400`	Invalid flag key	`vfp.routes.ts`	`PUT /feature-flags`
`400`	(dynamic message)	`vfp.routes.ts`	`POST /workpacks/:id/lock`
`400`	Missing	`vfp.routes.ts`	`POST /workpacks/:id/transition`
`400`	Campaign name is required	`vfp.routes.ts`	`POST /campaigns`
`400`	Playbook requires name and steps (array)	`vfp.routes.ts`	`POST /playbooks`
`400`	vulnClass is required	`vfp.routes.ts`	`GET /playbooks/match`
`400`	provider is required	`vfp.routes.ts`	`POST /tickets/test-connection`
`400`	title and provider are required	`vfp.routes.ts`	`POST /tickets/create-custom`
`400`	Missing or invalid	`vfp.routes.ts`	`POST /exceptions/:id/extend`
`400`	ids array is required	`vfp.routes.ts`	`POST /exceptions/bulk-approve`
`400`	rejectionReason is required	`vfp.routes.ts`	`POST /exceptions/bulk-reject`
`400`	Framework requires name and controls (array)	`vfp.routes.ts`	`POST /compliance/frameworks`
`400`	Template requires name, type, and sections (array)	`vfp.routes.ts`	`POST /reports/templates`
`400`	Either	`vfp.routes.ts`	`POST /reports/generate`
`400`	Team name is required	`vfp.routes.ts`	`POST /teams`
`400`	(dynamic message)	`vulnerabilities.routes.ts`	`POST /nl-query`
`400`	Invalid JSON payload	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`400`	No target URL found in webhook payload	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`400`	Invalid target URL	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`400`	Organization ID required	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`401`	Unauthorized	`appsecCiScan.routes.ts`	`/api/appsecCiScan`
`401`	Unauthorized	`audit.routes.ts`	`/api/audit`
`401`	Unauthorized	`auth.routes.ts`	`POST /login`
`401`	Invalid current password	`auth.routes.ts`	`POST /change-password`
`401`	Invalid or expired MFA token	`auth.routes.ts`	`POST /mfa/validate`
`401`	MFA validation failed	`auth.routes.ts`	`POST /mfa/validate`
`401`	Invalid MFA code	`auth.routes.ts`	`POST /mfa/validate`
`401`	Invalid or expired invite token	`auth.routes.ts`	`POST /invite/accept`
`401`	Invite token has expired	`auth.routes.ts`	`POST /invite/accept`
`401`	Selection token already used	`auth.routes.ts`	`POST /select-tenant`
`401`	Invalid or expired selection token	`auth.routes.ts`	`POST /select-tenant`
`401`	Invalid token type	`auth.routes.ts`	`POST /select-tenant`
`401`	User email not available in session	`auth.routes.ts`	`POST /switch-tenant`
`401`	Invalid service token	`internal.routes.ts`	`/api/internal`
`401`	Authentication required. Provide Authorization: Bearer <jwt> or X-Internal-API-Key header.	`internal.routes.ts`	`/api/internal`
`401`	Invalid API key	`internal.routes.ts`	`/api/internal`
`401`	User not authenticated	`scan.routes.ts`	`GET /notifications`
`401`	Invalid or missing API key	`scan.routes.ts`	`POST /integrations/config/:type/test`
`401`	Agent authentication required	`scanner.routes.ts`	`/api/scanner`
`401`	Invalid agent credentials	`scanner.routes.ts`	`/api/scanner`
`401`	Enrollment token required	`scanner.routes.ts`	`POST /gateway/register`
`401`	Invalid or expired enrollment token	`scanner.routes.ts`	`GET /gateway/download-image`
`401`	Missing signature	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`401`	Invalid signature	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`401`	Webhook signature verification not configured. Set GITHUB_WEBHOOK_SECRET.	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`401`	Missing token	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`401`	Invalid token	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`401`	Webhook token verification not configured. Set GITLAB_WEBHOOK_SECRET.	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`403`	Admin access required	`admin.routes.ts`	`GET /severity-debug`
`403`	Your role does not have module admin scope for role creation	`admin.routes.ts`	`POST /roles`
`403`	Cannot assign permissions outside your module scope	`admin.routes.ts`	`POST /roles`
`403`	SEAT_LIMIT_EXCEEDED	`admin.routes.ts`	`POST /users`
`403`	You do not have permission to assign this role.	`admin.routes.ts`	`POST /users`
`403`	User limit reached	`admin.routes.ts`	`POST /users`
`403`	Cannot modify a vendor account. Contact ThreatWeaver support.	`admin.routes.ts`	`PATCH /users/:id`
`403`	SEAT_LIMIT_REACHED	`admin.routes.ts`	`PATCH /users/:id`
`403`	Cannot delete a vendor account. Contact ThreatWeaver support.	`admin.routes.ts`	`DELETE /users/:id`
`403`	Cannot edit built-in patterns	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`403`	You can only edit patterns owned by your organization	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`403`	Cannot delete built-in patterns	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`403`	You can only delete patterns owned by your organization	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`403`	You can only toggle patterns visible to your organization	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`403`	Forbidden	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`403`	Admin or analyst access required	`assetOwnership.routes.ts`	`PUT /:assetUuid`
`403`	Admin access required	`assetOwnership.routes.ts`	`POST /import-csv`
`403`	Forbidden	`audit.routes.ts`	`/api/audit`
`403`	Forbidden	`auth.routes.ts`	`POST /login`
`403`	You do not have access to this tenant	`auth.routes.ts`	`POST /select-tenant`
`403`	Forbidden	`delta.routes.ts`	`/api/delta`
`403`	Forbidden	`export.routes.ts`	`GET /vulnerabilities/status/:jobId`
`403`	LICENSE_MANAGED_BY_PLATFORM	`license.routes.ts`	`POST /activate`
`403`	LICENSE_ALREADY_ACTIVE	`license.routes.ts`	`POST /activate`
`403`	You do not have access to this tenant	`license.routes.ts`	`GET /tenant-entitlements`
`403`	Admin access required	`notification.routes.ts`	`GET /config`
`403`	PROXY_CONFIG_LOCKED	`proxy.routes.ts`	`POST /config-public`
`403`	Forbidden	`sbom.routes.ts`	`POST /import`
`403`	Built-in templates cannot be modified. Clone it first.	`scan.routes.ts`	`PUT /templates/:id`
`403`	Built-in templates cannot be deleted	`scan.routes.ts`	`DELETE /templates/:id`
`403`	Cannot rename system folders	`scan.routes.ts`	`PUT /folders/:id`
`403`	Cannot move system folders	`scan.routes.ts`	`PUT /folders/:id/move`
`403`	Cannot access commands for another agent	`scanner.routes.ts`	`GET /gateway/commands/:agentId`
`403`	SETUP_COMPLETE	`setup.routes.ts`	`/api/setup`
`403`	No feature flag access for your role	`vfp.routes.ts`	`GET /feature-flags`
`403`	Flag	`vfp.routes.ts`	`PUT /feature-flags`
`403`	You do not have permission to modify flag	`vfp.routes.ts`	`PUT /feature-flags`
`403`	Admin access required	`vfp.routes.ts`	`PUT /policy`
`403`	Access denied. Admin or manager role required.	`vfp.routes.ts`	`GET /audit`
`403`	You can only update work packages assigned to you	`vfp.routes.ts`	`PATCH /workpacks/:id`
`403`	You can only transition work packages assigned to you	`vfp.routes.ts`	`POST /workpacks/:id/transition`
`404`	Role not found	`admin.routes.ts`	`PATCH /roles/:id`
`404`	User not found	`admin.routes.ts`	`PATCH /users/:id`
`404`	Archive not found	`admin.routes.ts`	`DELETE /archives/:id`
`404`	Job not found	`admin.routes.ts`	`GET /sync/job/:id/stats`
`404`	Record not found	`admin.routes.ts`	`POST /quarantine/:id/resolve`
`404`	Job not found or expired	`admin.routes.ts`	`GET /stats/recalculate/:jobId`
`404`	Not Found	`ai.routes.ts`	`/api/ai`
`404`	Provider not found	`ai.routes.ts`	`GET /providers/:id`
`404`	User provider not found	`ai.routes.ts`	`PUT /user-providers/:id`
`404`	Template not found	`ai.routes.ts`	`GET /prompts/:id`
`404`	AI execution failed	`ai.routes.ts`	`POST /execute-for-vuln`
`404`	Conversation not found	`ai.routes.ts`	`POST /chat`
`404`	Report not found	`ai.routes.ts`	`DELETE /reports/:reportId`
`404`	Report not found or expired.	`ai.routes.ts`	`GET /reports/download/:reportId`
`404`	Not Found	`anomaly.routes.ts`	`PUT /:date/status`
`404`	Target not found	`appsec.routes.ts`	`/api/appsec`
`404`	Assessment not found	`appsec.routes.ts`	`POST /test-cases/seed`
`404`	(dynamic message)	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Finding not found	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Auth profile not found	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Failed to generate report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Failed to generate HTML report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Failed to generate executive summary	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Failed to generate CSV report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Failed to generate Excel report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Failed to generate attestation report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Parent assessment not found	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Failed to submit retest	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Failed to get remediation history	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Pattern not found	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Key not found	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Exception not found	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Question not found — it may have expired or already been answered	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Credential not found	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`404`	Assessment not found	`appsecCiScan.routes.ts`	`GET /scan/:assessmentId/status`
`404`	(dynamic message)	`assetGroups.routes.ts`	`GET /:id`
`404`	Not Found	`assetOwnership.routes.ts`	`GET /:assetUuid`
`404`	User not found	`auth.routes.ts`	`POST /change-password`
`404`	Invite not found	`auth.routes.ts`	`POST /invite/accept`
`404`	User not found in tenant	`auth.routes.ts`	`POST /select-tenant`
`404`	User not found in target tenant	`auth.routes.ts`	`POST /switch-tenant`
`404`	Not Found	`dashboard.routes.ts`	`GET /multi/:id`
`404`	(dynamic message)	`dateExclusions.routes.ts`	`PUT /:date/anomaly-status`
`404`	Not Found	`delta.routes.ts`	`/api/delta`
`404`	Not Found	`export.routes.ts`	`GET /vulnerabilities/status/:jobId`
`404`	No logs to export	`export.routes.ts`	`GET /sync-logs/download`
`404`	Webhook not found	`integration.routes.ts`	`GET /webhooks/:id`
`404`	Integration not found	`integration.routes.ts`	`GET /integrations/:id`
`404`	Job not found	`internal.routes.ts`	`GET /provisioning-status/:jobId`
`404`	User not found in routing table	`internal.routes.ts`	`POST /resend-invite`
`404`	User not found in tenant schema	`internal.routes.ts`	`POST /resend-invite`
`404`	User not found	`internal.routes.ts`	`POST /reset-user-password`
`404`	No users found for this customerId	`internal.routes.ts`	`GET /tenant-users/:customerId`
`404`	Tenant not found	`internal.routes.ts`	`POST /hard-delete-tenant`
`404`	Not Found	`notification.routes.ts`	`PUT /:id/read`
`404`	(dynamic message)	`osCategoryRules.routes.ts`	`PUT /:id`
`404`	Scheduled report not found	`reports.routes.ts`	`PUT /scheduled/:id`
`404`	Not Found	`savedFilters.routes.ts`	`PUT /:id`
`404`	Not Found	`sbom.routes.ts`	`GET /components/:id`
`404`	Template not found	`scan.routes.ts`	`GET /templates/:id`
`404`	Scan run not found	`scan.routes.ts`	`GET /runs/:runId/export`
`404`	Baseline scan run not found	`scan.routes.ts`	`GET /runs/:runId/delta/:compareRunId`
`404`	Comparison scan run not found	`scan.routes.ts`	`GET /runs/:runId/delta/:compareRunId`
`404`	Scheduled report not found	`scan.routes.ts`	`DELETE /reports/schedule/:scheduleId`
`404`	Folder not found	`scan.routes.ts`	`PUT /folders/:id`
`404`	Parent folder not found	`scan.routes.ts`	`PUT /folders/:id/move`
`404`	Host not found in this scan run	`scan.routes.ts`	`GET /runs/:runId/hosts/:hostId`
`404`	Scan not found	`scan.routes.ts`	`POST /schedules`
`404`	Schedule not found	`scan.routes.ts`	`PUT /schedules/:id`
`404`	Blackout window not found	`scan.routes.ts`	`PUT /blackout-windows/:id`
`404`	Scan policy not found	`scan.routes.ts`	`GET /policies/:policyId`
`404`	Check family	`scan.routes.ts`	`GET /check-families/:familyId/checks`
`404`	Target group not found	`scan.routes.ts`	`GET /target-groups/:groupId`
`404`	Credential not found	`scan.routes.ts`	`GET /credentials/:id`
`404`	Scanner connector not found or inactive	`scan.routes.ts`	`POST /external/trigger`
`404`	No matching scans found	`scan.routes.ts`	`POST /bulk`
`404`	First scan run not found	`scan.routes.ts`	`GET /compare/:runId1/:runId2`
`404`	Second scan run not found	`scan.routes.ts`	`GET /compare/:runId1/:runId2`
`404`	Finding not found	`scan.routes.ts`	`POST /findings/:findingId/feedback`
`404`	Notification not found	`scan.routes.ts`	`PUT /notifications/:id/read`
`404`	Exclusion not found	`scan.routes.ts`	`PUT /exclusions/:id`
`404`	Scan chain not found	`scan.routes.ts`	`PUT /chains/:id`
`404`	Plugin ${pluginId} not found	`scan.routes.ts`	`GET /plugins/:pluginId`
`404`	Webhook config not found	`scan.routes.ts`	`PUT /integrations/webhook/config/:id`
`404`	Token not found	`scanAgent.routes.ts`	`DELETE /enrollment-tokens/:id`
`404`	Agent not found	`scanAgent.routes.ts`	`GET /:id`
`404`	Scanner release not found. Contact support.	`scanner.routes.ts`	`GET /gateway/download-image`
`404`	Sensor image asset not found. Contact support.	`scanner.routes.ts`	`GET /gateway/download-image`
`404`	Agent not found	`scanner.routes.ts`	`GET /agents/:id`
`404`	No access key configured for this agent	`scanner.routes.ts`	`GET /agents/:id/access-key`
`404`	Sensor agent not found	`scanner.routes.ts`	`POST /agents/:id/test-connectivity`
`404`	No SBOM found for this agent	`scanner.routes.ts`	`GET /sbom/:agentId/latest`
`404`	No scan results found for this agent	`scanner.routes.ts`	`GET /scan-results/:agentId/latest`
`404`	Attack path not found	`scanner.routes.ts`	`GET /ai/attack-paths/:id`
`404`	Scanner not found	`scanner.routes.ts`	`GET /:slug`
`404`	(dynamic message)	`scanner.routes.ts`	`POST /ai/digital-twin/simulate`
`404`	Blocked IP entry not found	`security.routes.ts`	`POST /blocked-ips/:id/unblock`
`404`	Whitelist entry not found	`security.routes.ts`	`POST /whitelisted-ips/:id/remove`
`404`	(dynamic message)	`tags.routes.ts`	`PUT /:id`
`404`	Not Found	`vfp.routes.ts`	`/api/vfp`
`404`	Score not found	`vfp.routes.ts`	`GET /prioritization/:instanceKey`
`404`	Work package not found	`vfp.routes.ts`	`GET /workpacks/:id`
`404`	Campaign not found	`vfp.routes.ts`	`GET /campaigns/:id`
`404`	Playbook not found	`vfp.routes.ts`	`GET /playbooks/:id`
`404`	Exception not found	`vfp.routes.ts`	`GET /exceptions/:id`
`404`	Framework not found	`vfp.routes.ts`	`GET /compliance/frameworks/:id`
`404`	Assessment not found	`vfp.routes.ts`	`GET /compliance/assessments/:id`
`404`	Template not found	`vfp.routes.ts`	`GET /reports/templates/:id`
`404`	Report not found	`vfp.routes.ts`	`GET /reports/:id`
`404`	Team not found	`vfp.routes.ts`	`PUT /teams/:id`
`404`	(dynamic message)	`vulnerabilities.routes.ts`	`GET /:pluginId`
`405`	Method Not Allowed	`apiConfig.routes.ts`	`POST /`
`409`	Role already exists	`admin.routes.ts`	`POST /roles`
`409`	User with this email already exists	`admin.routes.ts`	`POST /users`
`409`	A recalculation is already in progress	`admin.routes.ts`	`POST /stats/recalculate`
`409`	GATEKEEPER_BLOCKED	`admin.routes.ts`	`POST /stats/recalculate`
`409`	An import job is already in progress	`admin.routes.ts`	`POST /scan-history/import`
`409`	Invite already accepted	`auth.routes.ts`	`POST /invite/accept`
`409`	Schema already exists	`internal.routes.ts`	`POST /provision-tenant`
`409`	User already has an active account	`internal.routes.ts`	`POST /invite-user`
`409`	Conflict	`savedFilters.routes.ts`	`POST /`
`409`	Template with slug	`scan.routes.ts`	`POST /templates`
`409`	Scan is not in trash (status must be archived)	`scan.routes.ts`	`POST /trash/restore/:id`
`409`	Scan must be in trash (archived) before permanent deletion	`scan.routes.ts`	`DELETE /trash/:id`
`409`	Cannot update a scan that is currently in progress	`scan.routes.ts`	`PUT /:id([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})`
`409`	Cannot delete a scan that is currently in progress. Stop it first.	`scan.routes.ts`	`DELETE /:id([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})`
`409`	Cannot launch scan with status	`scan.routes.ts`	`POST /:id/launch`
`409`	Cannot stop scan with status	`scan.routes.ts`	`POST /:id/stop`
`409`	Cannot pause scan with status	`scan.routes.ts`	`POST /:id/pause`
`409`	Cannot resume scan with status	`scan.routes.ts`	`POST /:id/resume`
`409`	Request rejected: replay detected or request expired	`scanner.routes.ts`	`/api/scanner`
`409`	IP address is already blocked	`security.routes.ts`	`POST /blocked-ips`
`409`	IP address is already whitelisted	`security.routes.ts`	`POST /whitelisted-ips`
`409`	A backfill or rebuild operation is already running. Please wait for it to complete.	`sync.routes.ts`	`POST /backfill`
`410`	Direct connectivity testing has been removed for security reasons. Use POST /agents/:id/test-connectivity to test via a	`scanner.routes.ts`	`POST /agents/test-connectivity-direct`
`413`	File too large. Maximum size is 1 MB.	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`413`	Document content exceeds 1 MB. Please upload a smaller file.	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`413`	Payload Too Large	`assetOwnership.routes.ts`	`POST /import-csv`
`413`	Payload Too Large	`sbom.routes.ts`	`POST /import`
`415`	Content-Type must be application/json	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`429`	Rate limit exceeded. Please wait before making more AI requests.	`ai.routes.ts`	`POST /execute`
`429`	Rate limit exceeded. Please wait before sending more messages.	`ai.routes.ts`	`POST /chat`
`429`	Too many concurrent Phase 0 streams. Close other assessment tabs and retry.	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`429`	Maximum ${MAX_CONCURRENT_SCANS} concurrent scans reached. Wait for running scans to complete.	`scan.routes.ts`	`POST /:id/launch`
`429`	Cleanup can only be performed once per hour	`security.routes.ts`	`POST /auth-logs/cleanup`

Server Errors (5xx)

Status	Message	Route File	Endpoint
`500`	(dynamic message)	`admin.routes.ts`	`GET /severity-debug`
`500`	Failed to fetch roles	`admin.routes.ts`	`GET /roles`
`500`	Failed to create role	`admin.routes.ts`	`POST /roles`
`500`	Failed to update role	`admin.routes.ts`	`PATCH /roles/:id`
`500`	Failed to delete role	`admin.routes.ts`	`DELETE /roles/:id`
`500`	Failed to fetch users	`admin.routes.ts`	`GET /users`
`500`	Failed to create user	`admin.routes.ts`	`POST /users`
`500`	Failed to update user	`admin.routes.ts`	`PATCH /users/:id`
`500`	Failed to reset password	`admin.routes.ts`	`POST /users/:id/reset-password`
`500`	Failed to delete user	`admin.routes.ts`	`DELETE /users/:id`
`500`	Failed to unlock user	`admin.routes.ts`	`POST /users/:id/unlock`
`500`	Failed to fetch settings	`admin.routes.ts`	`GET /settings`
`500`	Failed to update settings	`admin.routes.ts`	`PUT /settings`
`500`	Failed to fetch archives	`admin.routes.ts`	`GET /archives`
`500`	Failed to create archive	`admin.routes.ts`	`POST /archives`
`500`	Failed to restore archive	`admin.routes.ts`	`POST /archives/:id/restore`
`500`	Failed to delete archive	`admin.routes.ts`	`DELETE /archives/:id`
`500`	Failed to fetch archive stats	`admin.routes.ts`	`GET /archives/stats`
`500`	Failed to detect gaps	`admin.routes.ts`	`GET /sync/gaps`
`500`	Failed to fetch job stats	`admin.routes.ts`	`GET /sync/job/:id/stats`
`500`	Failed to fetch sync logs	`admin.routes.ts`	`GET /sync/logs`
`500`	Failed to fetch sync config	`admin.routes.ts`	`GET /sync/config`
`500`	Failed to update sync config	`admin.routes.ts`	`PUT /sync/config`
`500`	Failed to fetch quarantine records	`admin.routes.ts`	`GET /quarantine`
`500`	Failed to fetch quarantine stats	`admin.routes.ts`	`GET /quarantine/stats`
`500`	Failed to resolve quarantine record	`admin.routes.ts`	`POST /quarantine/:id/resolve`
`500`	Failed to fetch coverage	`admin.routes.ts`	`GET /stats/coverage`
`500`	Failed to fetch cleanup logs	`admin.routes.ts`	`GET /stats/cleanup-logs`
`500`	Failed to get recalculation status	`admin.routes.ts`	`GET /stats/recalculate/:jobId`
`500`	Failed to fetch rate limit status	`admin.routes.ts`	`GET /ratelimit/status`
`500`	Failed to update rate limit config	`admin.routes.ts`	`PUT /ratelimit/config`
`500`	Failed to fetch severity filter	`admin.routes.ts`	`GET /severity-filter`
`500`	Failed to update severity filter	`admin.routes.ts`	`PUT /severity-filter`
`500`	Failed to fetch severity summary	`admin.routes.ts`	`GET /severity-summary`
`500`	Failed to validate snapshots	`admin.routes.ts`	`GET /snapshots/validate`
`500`	Failed to repair snapshots	`admin.routes.ts`	`POST /snapshots/repair`
`500`	Failed to discover scans	`admin.routes.ts`	`GET /scan-history/scans`
`500`	Failed to get history for scan ${scanId}	`admin.routes.ts`	`GET /scan-history/scans/:scanId/history`
`500`	Failed to start import job	`admin.routes.ts`	`POST /scan-history/import`
`500`	Failed to get job status	`admin.routes.ts`	`GET /scan-history/jobs/:jobId`
`500`	Failed to list import jobs	`admin.routes.ts`	`GET /scan-history/jobs`
`500`	Failed to cancel job	`admin.routes.ts`	`POST /scan-history/jobs/:jobId/cancel`
`500`	Failed to retry failed runs	`admin.routes.ts`	`POST /scan-history/jobs/:jobId/retry-failed`
`500`	Ingest processing failed	`agent.routes.ts`	`POST /ingest`
`500`	Failed to list providers	`ai.routes.ts`	`GET /providers`
`500`	Failed to create provider	`ai.routes.ts`	`POST /providers`
`500`	Failed to seed providers	`ai.routes.ts`	`POST /providers/seed`
`500`	Failed to get provider	`ai.routes.ts`	`GET /providers/:id`
`500`	Failed to update provider	`ai.routes.ts`	`PUT /providers/:id`
`500`	Failed to set default provider	`ai.routes.ts`	`POST /providers/:id/default`
`500`	(dynamic message)	`ai.routes.ts`	`POST /providers/:id/test-connection`
`500`	Failed to discover models	`ai.routes.ts`	`POST /providers/:id/models`
`500`	Failed to delete provider	`ai.routes.ts`	`DELETE /providers/:id`
`500`	Failed to list user providers	`ai.routes.ts`	`GET /user-providers`
`500`	Failed to create user provider	`ai.routes.ts`	`POST /user-providers`
`500`	Failed to update user provider	`ai.routes.ts`	`PUT /user-providers/:id`
`500`	Failed to set preferred provider	`ai.routes.ts`	`POST /user-providers/:id/preferred`
`500`	Failed to clear preferred provider	`ai.routes.ts`	`POST /user-providers/clear-preferred`
`500`	Failed to delete user provider	`ai.routes.ts`	`DELETE /user-providers/:id`
`500`	Failed to list prompts	`ai.routes.ts`	`GET /prompts`
`500`	Failed to create prompt template	`ai.routes.ts`	`POST /prompts`
`500`	Failed to seed prompt templates	`ai.routes.ts`	`POST /prompts/seed`
`500`	Failed to get prompt template	`ai.routes.ts`	`GET /prompts/:id`
`500`	Failed to update prompt template	`ai.routes.ts`	`PUT /prompts/:id`
`500`	AI execution failed	`ai.routes.ts`	`POST /execute`
`500`	Failed to get summary context	`ai.routes.ts`	`GET /summary-context`
`500`	Chat failed	`ai.routes.ts`	`POST /chat`
`500`	Failed to list conversations	`ai.routes.ts`	`GET /conversations`
`500`	Failed to get conversation	`ai.routes.ts`	`GET /conversations/:id`
`500`	Failed to get usage stats	`ai.routes.ts`	`GET /usage/stats`
`500`	Failed to get usage logs	`ai.routes.ts`	`GET /usage/logs`
`500`	Failed to export audit logs	`ai.routes.ts`	`GET /audit/export`
`500`	Failed to list reports	`ai.routes.ts`	`GET /reports`
`500`	Failed to delete report	`ai.routes.ts`	`DELETE /reports/:reportId`
`500`	Failed to download report	`ai.routes.ts`	`GET /reports/download/:reportId`
`500`	Failed to get usage data	`ai.routes.ts`	`GET /usage/my`
`500`	Vulnerability search failed	`ai.routes.ts`	`GET /vulnerability-search`
`500`	Internal Server Error	`aiSecurity.routes.ts`	`/api/aiSecurity`
`500`	Server Error	`anomaly.routes.ts`	`GET /summary`
`500`	Server Error	`apiConfig.routes.ts`	`GET /`
`500`	Sync Failed	`apiConfig.routes.ts`	`POST /sync-now`
`500`	Failed to list targets	`appsec.routes.ts`	`/api/appsec`
`500`	Failed to get target	`appsec.routes.ts`	`/api/appsec`
`500`	Failed to create target	`appsec.routes.ts`	`/api/appsec`
`500`	Failed to update target	`appsec.routes.ts`	`/api/appsec`
`500`	Failed to archive target	`appsec.routes.ts`	`/api/appsec`
`500`	Failed to parse specification	`appsec.routes.ts`	`POST /targets/:id/upload-spec`
`500`	Failed to seed test cases	`appsec.routes.ts`	`POST /test-cases/seed`
`500`	Failed to list assessments	`appsec.routes.ts`	`POST /test-cases/seed`
`500`	Failed to get assessment	`appsec.routes.ts`	`POST /test-cases/seed`
`500`	Internal server error	`appsec.routes.ts`	`POST /test-cases/seed`
`500`	Failed to create assessment	`appsec.routes.ts`	`POST /test-cases/seed`
`500`	Failed to update assessment	`appsec.routes.ts`	`POST /test-cases/seed`
`500`	(dynamic message)	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get scan context	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to update scan context	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to start assessment	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to rerun assessment	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get run history	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to stop assessment	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to pause assessment	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to resume assessment	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to establish event stream	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to list findings	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get finding	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to update finding status	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to list exploit chains	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to load relationship map	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to list agent logs	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to list auth profiles	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to create auth profile	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to update auth profile	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get auth profile	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to delete auth profile	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to list reports	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get dashboard summary	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to trigger CI/CD scan	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get CI/CD scan status	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to dispatch callback	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to calculate compliance score	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to calculate compliance scores	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate HTML report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate executive summary	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate CSV report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate Excel report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate attestation report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate SARIF export	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to submit retest	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get remediation history	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to analyze finding	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get remediation summary	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to list sensitive data patterns	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to create sensitive data pattern	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to update sensitive data pattern	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to delete sensitive data pattern	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to test pattern	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate regex	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to list industries	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to save industry selection	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to toggle pattern	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to seed sensitive data patterns	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to generate coverage report	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to create Jira ticket: ${error.message}	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get business impact	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to compute scan diff	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to load finding history	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to load finding timeline	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to update scan history config	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to list exceptions	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to get exception	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to validate assessment	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to process uploaded document	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to load credentials	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to create credential	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to update credential	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to delete credential	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to retrieve credential	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to retrieve auth profile	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`500`	Failed to trigger CI/CD scan	`appsecCiScan.routes.ts`	`POST /scan`
`500`	Failed to get scan status	`appsecCiScan.routes.ts`	`GET /scan/:assessmentId/status`
`500`	Failed to get scan results	`appsecCiScan.routes.ts`	`GET /scan/:assessmentId/results`
`500`	(dynamic message)	`assetGroups.routes.ts`	`GET /`
`500`	Internal Server Error	`assetOwnership.routes.ts`	`GET /`
`500`	Failed to fetch assets	`assets.routes.ts`	`GET /`
`500`	Failed to get asset summary	`assets.routes.ts`	`GET /summary`
`500`	Failed to get vulnerability counts	`assets.routes.ts`	`GET /vulnerability-counts`
`500`	Failed to retrieve audit events	`audit.routes.ts`	`GET /events`
`500`	Server configuration error	`auth.routes.ts`	`POST /login`
`500`	Server Error	`auth.routes.ts`	`POST /login`
`500`	Failed to change password	`auth.routes.ts`	`POST /change-password`
`500`	Failed to reset password	`auth.routes.ts`	`POST /admin/reset-password`
`500`	MFA validation failed	`auth.routes.ts`	`POST /mfa/validate`
`500`	Failed to initiate MFA setup	`auth.routes.ts`	`POST /mfa/setup`
`500`	Failed to verify MFA	`auth.routes.ts`	`POST /mfa/verify`
`500`	Failed to resolve tenant	`auth.routes.ts`	`POST /invite/accept`
`500`	Failed to accept invite	`auth.routes.ts`	`POST /invite/accept`
`500`	Failed to select tenant	`auth.routes.ts`	`POST /select-tenant`
`500`	Failed to switch tenant	`auth.routes.ts`	`POST /switch-tenant`
`500`	Failed to retrieve tenant list	`auth.routes.ts`	`GET /my-tenants`
`500`	Server Error	`dashboard.routes.ts`	`GET /kpis`
`500`	(dynamic message)	`dateExclusions.routes.ts`	`GET /`
`500`	Internal Server Error	`delta.routes.ts`	`/api/delta`
`500`	Export Start Failed	`export.routes.ts`	`POST /vulnerabilities/start`
`500`	Status Check Failed	`export.routes.ts`	`GET /vulnerabilities/status/:jobId`
`500`	Download Failed	`export.routes.ts`	`GET /vulnerabilities/download/:jobId`
`500`	Export Failed	`export.routes.ts`	`GET /vulnerabilities`
`500`	Summary Failed	`export.routes.ts`	`GET /summary`
`500`	Logs Failed	`export.routes.ts`	`GET /sync-logs`
`500`	Failed to generate API documentation	`integration.routes.ts`	`GET /docs/openapi`
`500`	(dynamic message)	`integration.routes.ts`	`GET /webhooks/deliveries`
`500`	(dynamic message)	`internal.routes.ts`	`POST /provision-tenant`
`500`	Repair failed. Check server logs.	`internal.routes.ts`	`POST /repair-tenants`
`500`	Internal server error	`internal.routes.ts`	`POST /update-tenant-status`
`500`	Failed to resolve schema. Check server logs.	`internal.routes.ts`	`POST /resend-invite`
`500`	Failed to generate deployment summary	`internal.routes.ts`	`GET /deployment-summary`
`500`	Deprovisioning failed. Check server logs.	`internal.routes.ts`	`POST /deprovision-tenant`
`500`	Hard deletion failed. Check server logs.	`internal.routes.ts`	`POST /hard-delete-tenant`
`500`	Internal Server Error	`license.routes.ts`	`GET /modules`
`500`	Failed to fetch tenant entitlements	`license.routes.ts`	`GET /tenant-entitlements`
`500`	Failed to fetch badge counts	`notification.routes.ts`	`GET /badge-counts`
`500`	Internal Server Error	`notification.routes.ts`	`GET /`
`500`	(dynamic message)	`osCategoryRules.routes.ts`	`GET /`
`500`	Failed to save proxy config	`proxy.routes.ts`	`POST /config-public`
`500`	Internal Server Error	`proxy.routes.ts`	`GET /config`
`500`	Server Error	`reconciliation.routes.ts`	`GET /counts`
`500`	Failed to list scheduled reports	`reports.routes.ts`	`GET /scheduled`
`500`	Failed to create scheduled report	`reports.routes.ts`	`POST /scheduled`
`500`	Failed to update scheduled report	`reports.routes.ts`	`PUT /scheduled/:id`
`500`	Failed to delete scheduled report	`reports.routes.ts`	`DELETE /scheduled/:id`
`500`	Failed to run scheduled report	`reports.routes.ts`	`POST /scheduled/:id/run-now`
`500`	Internal Server Error	`savedFilters.routes.ts`	`GET /`
`500`	Internal Server Error	`sbom.routes.ts`	`POST /import`
`500`	(dynamic message)	`scan.routes.ts`	`GET /templates`
`500`	Failed to fetch agent stats	`scanAgent.routes.ts`	`GET /stats`
`500`	Failed to list agents	`scanAgent.routes.ts`	`GET /`
`500`	Failed to list enrollment tokens	`scanAgent.routes.ts`	`GET /enrollment-tokens/list`
`500`	Failed to create enrollment token	`scanAgent.routes.ts`	`POST /enrollment-tokens`
`500`	Failed to revoke token	`scanAgent.routes.ts`	`DELETE /enrollment-tokens/:id`
`500`	Failed to fetch agent	`scanAgent.routes.ts`	`GET /:id`
`500`	Failed to decommission agent	`scanAgent.routes.ts`	`DELETE /:id`
`500`	Failed to fetch tasks	`scanAgent.routes.ts`	`GET /:id/tasks`
`500`	Agent authentication failed	`scanner.routes.ts`	`/api/scanner`
`500`	Heartbeat processing failed	`scanner.routes.ts`	`POST /gateway/heartbeat`
`500`	SBOM ingestion failed	`scanner.routes.ts`	`POST /gateway/sbom`
`500`	Scan results ingestion failed	`scanner.routes.ts`	`POST /gateway/scan-results`
`500`	Failed to get pending commands	`scanner.routes.ts`	`GET /gateway/commands/:agentId`
`500`	Failed to get intelligence updates	`scanner.routes.ts`	`GET /gateway/intel-db/updates`
`500`	Certificate verification failed	`scanner.routes.ts`	`POST /gateway/verify-cert`
`500`	Failed to retrieve CA certificate	`scanner.routes.ts`	`GET /gateway/ca-cert`
`500`	Failed to check for updates	`scanner.routes.ts`	`GET /gateway/update-manifest`
`500`	Failed to download scanner image	`scanner.routes.ts`	`GET /gateway/download-image`
`500`	Failed to list scanner adapters	`scanner.routes.ts`	`GET /adapters`
`500`	Failed to get connector health status	`scanner.routes.ts`	`GET /connectors/health`
`500`	Failed to check connector health	`scanner.routes.ts`	`POST /connectors/health/check-all`
`500`	Failed to get sync history	`scanner.routes.ts`	`GET /connectors/:id/sync-history`
`500`	Failed to list agents	`scanner.routes.ts`	`GET /agents`
`500`	Failed to get fleet statistics	`scanner.routes.ts`	`GET /agents/fleet-stats`
`500`	Failed to get agent details	`scanner.routes.ts`	`GET /agents/:id`
`500`	Failed to retrieve access key	`scanner.routes.ts`	`GET /agents/:id/access-key`
`500`	Failed to regenerate access key	`scanner.routes.ts`	`POST /agents/:id/regenerate-access-key`
`500`	Failed to list enrollment tokens	`scanner.routes.ts`	`GET /enrollment-tokens`
`500`	Failed to list SBOM snapshots	`scanner.routes.ts`	`GET /sbom/:agentId`
`500`	Failed to get latest SBOM	`scanner.routes.ts`	`GET /sbom/:agentId/latest`
`500`	Failed to list drift events	`scanner.routes.ts`	`GET /sbom/:agentId/drift`
`500`	Failed to get sync status	`scanner.routes.ts`	`GET /intel/sync-status`
`500`	Failed to list signatures	`scanner.routes.ts`	`GET /intel/signatures`
`500`	Failed to get intelligence statistics	`scanner.routes.ts`	`GET /intel/stats`
`500`	Failed to list scan results	`scanner.routes.ts`	`GET /scan-results/:agentId`
`500`	Failed to get latest scan result	`scanner.routes.ts`	`GET /scan-results/:agentId/latest`
`500`	Failed to list remediation jobs	`scanner.routes.ts`	`GET /remediation`
`500`	Failed to list false positive patterns	`scanner.routes.ts`	`GET /false-positives`
`500`	Failed to get AI rule review queue	`scanner.routes.ts`	`GET /ai-rules/review-queue`
`500`	Failed to list mobile devices	`scanner.routes.ts`	`GET /mobile/devices`
`500`	Failed to get mobile device stats	`scanner.routes.ts`	`GET /mobile/stats`
`500`	Failed to get MDM status	`scanner.routes.ts`	`GET /mobile/mdm/status`
`500`	Failed to list relays	`scanner.routes.ts`	`GET /relays`
`500`	Failed to get relay stats	`scanner.routes.ts`	`GET /relays/stats`
`500`	Failed to get relay topology	`scanner.routes.ts`	`GET /relays/topology`
`500`	Failed to list containers	`scanner.routes.ts`	`GET /containers`
`500`	Failed to get container stats	`scanner.routes.ts`	`GET /containers/stats`
`500`	Failed to get vulnerable images	`scanner.routes.ts`	`GET /containers/vulnerable-images`
`500`	Failed to get Kubernetes overview	`scanner.routes.ts`	`GET /containers/k8s-overview`
`500`	Failed to list EDR events	`scanner.routes.ts`	`GET /edr/events`
`500`	Failed to get EDR stats	`scanner.routes.ts`	`GET /edr/stats`
`500`	Failed to get anomalies	`scanner.routes.ts`	`GET /edr/anomalies`
`500`	Failed to list FIM rules	`scanner.routes.ts`	`GET /edr/fim-rules`
`500`	Failed to get source comparison data	`scanner.routes.ts`	`GET /source-comparison`
`500`	Failed to get CMDB stats	`scanner.routes.ts`	`GET /cmdb/stats`
`500`	Failed to list FIM events	`scanner.routes.ts`	`GET /edr/fim-events`
`500`	Failed to list scanners	`scanner.routes.ts`	`GET /`
`500`	Failed to list engine providers	`scanner.routes.ts`	`GET /engine-providers`
`500`	(dynamic message)	`scanner.routes.ts`	`POST /engine-providers/:engine/test`
`500`	Failed to get scanner details	`scanner.routes.ts`	`GET /:slug`
`500`	Failed to test scanner connection	`scanner.routes.ts`	`POST /:slug/test`
`500`	Failed to fetch security logs	`security.routes.ts`	`GET /logs`
`500`	Failed to fetch security stats	`security.routes.ts`	`GET /stats`
`500`	Failed to check security alerts	`security.routes.ts`	`GET /alerts`
`500`	(dynamic message)	`security.routes.ts`	`GET /health`
`500`	Failed to fetch blocked IPs	`security.routes.ts`	`GET /blocked-ips`
`500`	Failed to unblock IP	`security.routes.ts`	`POST /blocked-ips/:id/unblock`
`500`	Failed to block IP	`security.routes.ts`	`POST /blocked-ips`
`500`	Failed to fetch whitelisted IPs	`security.routes.ts`	`GET /whitelisted-ips`
`500`	Failed to whitelist IP	`security.routes.ts`	`POST /whitelisted-ips`
`500`	Failed to remove whitelisted IP	`security.routes.ts`	`POST /whitelisted-ips/:id/remove`
`500`	Failed to fetch auth audit logs	`security.routes.ts`	`GET /auth-logs`
`500`	Failed to export auth audit logs	`security.routes.ts`	`GET /auth-logs/export`
`500`	Failed to process S3 export request	`security.routes.ts`	`POST /auth-logs/export/s3`
`500`	Failed to cleanup auth audit logs	`security.routes.ts`	`POST /auth-logs/cleanup`
`500`	Internal Server Error	`sso.routes.ts`	`GET /status`
`500`	Failed to get sync status	`sync.routes.ts`	`GET /status`
`500`	Failed to start sync	`sync.routes.ts`	`POST /start`
`500`	Failed to cancel sync	`sync.routes.ts`	`POST /cancel/:syncId`
`500`	Failed to run aggregation	`sync.routes.ts`	`POST /aggregate`
`500`	Failed to start backfill	`sync.routes.ts`	`POST /backfill`
`500`	Failed to start trend rebuild	`sync.routes.ts`	`POST /rebuild-trends`
`500`	Failed to get sync history	`sync.routes.ts`	`GET /history`
`500`	Failed to get sync frequency	`sync.routes.ts`	`GET /frequency`
`500`	Failed to set sync frequency	`sync.routes.ts`	`PUT /frequency`
`500`	Failed to get audit logs	`sync.routes.ts`	`GET /audit-log`
`500`	Failed to get stats	`sync.routes.ts`	`GET /stats`
`500`	Failed to get sync health metrics	`sync.routes.ts`	`GET /health`
`500`	Failed to get interrupted syncs	`sync.routes.ts`	`GET /interrupted`
`500`	Failed to resume sync	`sync.routes.ts`	`POST /:id/resume`
`500`	Failed to get integrity status	`sync.routes.ts`	`GET /integrity-check`
`500`	Failed to start integrity backfill	`sync.routes.ts`	`POST /integrity-backfill`
`500`	Failed to discard sync	`sync.routes.ts`	`POST /:id/discard`
`500`	(dynamic message)	`tags.routes.ts`	`GET /tenable`
`500`	Database not connected	`verify.routes.ts`	`GET /verify-jan17`
`500`	(dynamic message)	`verify.routes.ts`	`GET /verify-jan17`
`500`	Failed to get feature flags	`vfp.routes.ts`	`GET /feature-flags`
`500`	Failed to update feature flags	`vfp.routes.ts`	`PUT /feature-flags`
`500`	Failed to get policy	`vfp.routes.ts`	`GET /policy`
`500`	Failed to update policy	`vfp.routes.ts`	`PUT /policy`
`500`	Failed to get audit log	`vfp.routes.ts`	`GET /audit`
`500`	(dynamic message)	`vfp.routes.ts`	`POST /scores/recompute`
`500`	Failed to get prioritization list	`vfp.routes.ts`	`GET /prioritization`
`500`	Failed to export prioritization data	`vfp.routes.ts`	`GET /prioritization/export/csv`
`500`	Failed to get score detail	`vfp.routes.ts`	`GET /prioritization/:instanceKey`
`500`	Failed to get enrichment stats	`vfp.routes.ts`	`GET /enrichment/stats`
`500`	Failed to list work packages	`vfp.routes.ts`	`GET /workpacks`
`500`	Failed to get assigned work packages	`vfp.routes.ts`	`GET /workpacks/my`
`500`	Failed to get work package	`vfp.routes.ts`	`GET /workpacks/:id`
`500`	Failed to list campaigns	`vfp.routes.ts`	`GET /campaigns`
`500`	Failed to get campaign	`vfp.routes.ts`	`GET /campaigns/:id`
`500`	Failed to list playbooks	`vfp.routes.ts`	`GET /playbooks`
`500`	Failed to search playbooks	`vfp.routes.ts`	`GET /playbooks/search`
`500`	Failed to get playbook	`vfp.routes.ts`	`GET /playbooks/:id`
`500`	Failed to find matching playbooks	`vfp.routes.ts`	`GET /playbooks/match`
`500`	Failed to list tickets	`vfp.routes.ts`	`GET /tickets/:workPackageId`
`500`	Failed to list exceptions	`vfp.routes.ts`	`GET /exceptions`
`500`	Failed to get exception	`vfp.routes.ts`	`GET /exceptions/:id`
`500`	Failed to check expirations	`vfp.routes.ts`	`POST /exceptions/check-expirations`
`500`	Failed to get exception history	`vfp.routes.ts`	`GET /exceptions/:id/history`
`500`	Failed to get validation record	`vfp.routes.ts`	`GET /validation/:workPackageId`
`500`	Failed to get SLA policy	`vfp.routes.ts`	`GET /sla/policy`
`500`	Failed to get SLA summary	`vfp.routes.ts`	`GET /sla/summary`
`500`	Failed to list SLA breaches	`vfp.routes.ts`	`GET /sla/breaches`
`500`	Failed to run SLA check	`vfp.routes.ts`	`POST /sla/check`
`500`	Failed to list compliance frameworks	`vfp.routes.ts`	`GET /compliance/frameworks`
`500`	Failed to get compliance framework	`vfp.routes.ts`	`GET /compliance/frameworks/:id`
`500`	Failed to seed compliance frameworks	`vfp.routes.ts`	`POST /compliance/seed`
`500`	Failed to list compliance assessments	`vfp.routes.ts`	`GET /compliance/assessments`
`500`	Failed to get compliance assessment	`vfp.routes.ts`	`GET /compliance/assessments/:id`
`500`	Failed to get compliance trend	`vfp.routes.ts`	`GET /compliance/trend/:frameworkId`
`500`	Failed to list report templates	`vfp.routes.ts`	`GET /reports/templates`
`500`	Failed to get report template	`vfp.routes.ts`	`GET /reports/templates/:id`
`500`	Failed to seed report templates	`vfp.routes.ts`	`POST /reports/seed`
`500`	Failed to list reports	`vfp.routes.ts`	`GET /reports`
`500`	Failed to get report	`vfp.routes.ts`	`GET /reports/:id`
`500`	Failed to list teams	`vfp.routes.ts`	`GET /teams`
`500`	Failed to create team	`vfp.routes.ts`	`POST /teams`
`500`	Failed to update team	`vfp.routes.ts`	`PUT /teams/:id`
`500`	Failed to delete team	`vfp.routes.ts`	`DELETE /teams/:id`
`500`	(dynamic message)	`vulnerabilities.routes.ts`	`GET /`
`500`	Error fetching vulnerability summary	`vulnerabilities.routes.ts`	`GET /summary`
`500`	Internal server error processing GitHub webhook	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`500`	Internal server error processing GitLab webhook	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`502`	(dynamic message)	`ai.routes.ts`	`POST /providers/:id/models`
`502`	(dynamic message)	`scan.routes.ts`	`POST /external/tenable/launch`
`502`	Failed to retrieve scanner image from upstream.	`scanner.routes.ts`	`GET /gateway/download-image`
`502`	Empty response from upstream.	`scanner.routes.ts`	`GET /gateway/download-image`
`503`	Database not available	`admin.routes.ts`	`POST /users`
`503`	Cannot verify seat availability. Please try again.	`admin.routes.ts`	`POST /users`
`503`	Database not available	`appsec.routes.ts`	`/api/appsec`
`503`	Database not connected	`appsec.routes.ts`	`POST /ai-assessment-builder/generate`
`503`	CI/CD integration not configured	`appsecCiScan.routes.ts`	`/api/appsecCiScan`
`503`	Database not available	`appsecCiScan.routes.ts`	`POST /scan`
`503`	Database unavailable	`assetOwnership.routes.ts`	`GET /`
`503`	Service Unavailable	`auth.routes.ts`	`POST /login`
`503`	Database unavailable	`auth.routes.ts`	`POST /change-password`
`503`	Service Unavailable	`delta.routes.ts`	`/api/delta`
`503`	Database not available	`integration.routes.ts`	`GET /webhooks/deliveries`
`503`	JWT verification not configured on this server	`internal.routes.ts`	`/api/internal`
`503`	Queue not available (Redis unavailable)	`internal.routes.ts`	`GET /provisioning-status/:jobId`
`503`	Database unavailable	`notification.routes.ts`	`GET /`
`503`	Database unavailable	`proxy.routes.ts`	`POST /config-public`
`503`	Service Unavailable	`proxy.routes.ts`	`GET /config`
`503`	Database unavailable	`savedFilters.routes.ts`	`GET /`
`503`	Database unavailable	`sbom.routes.ts`	`POST /import`
`503`	Database not available	`scan.routes.ts`	`GET /templates`
`503`	Scanner	`scan.routes.ts`	`POST /external/trigger`
`503`	CI/CD API key not configured on server	`scan.routes.ts`	`POST /integrations/config/:type/test`
`503`	Database not available	`scanner.routes.ts`	`/api/scanner`
`503`	CA not yet initialized	`scanner.routes.ts`	`GET /gateway/ca-cert`
`503`	Image download not configured. Contact support.	`scanner.routes.ts`	`GET /gateway/download-image`
`503`	Database unavailable	`security.routes.ts`	`POST /blocked-ips/:id/unblock`
`503`	Database not available	`webhookReceivers.routes.ts`	`/api/webhookReceivers`
`504`	Export timed out	`export.routes.ts`	`GET /vulnerabilities`

Generated on 2026-04-05

Client Errors (4xx)​

Server Errors (5xx)​

Client Errors (4xx)

Server Errors (5xx)