Problem
When calling the GET https://api.securityscorecard.io/companies/{scorecard_identifier}/active-issues endpoint of the SecurityScorecard API, users may encounter the following error:
{
"error": {
"message": "Cannot read properties of undefined (reading 'length')",
"statusCode": 500
}
}
This typically occurs when the required issue_types query parameter is missing from the request. Without this parameter, the API cannot return results, and the server throws an internal error.
Affected users may report using a command like:
curl --location 'https://api.securityscorecard.io/companies/example.com/active-issues' \
--header 'Authorization: Token YOUR_API_KEY' \
--header 'accept: application/json'
This request is invalid because it lacks the issue_types filter.
Solution
To resolve this issue, include at least one valid issue_types value as a query parameter in your request. Here's a corrected version:
curl --request GET \
--url 'https://api.securityscorecard.io/companies/example.com/active-issues?issue_types=hsts_incorrect_v2' \
--header 'Authorization: Token YOUR_API_KEY' \
--header 'accept: application/json; charset=utf-8'
You can include multiple issue types (max 12) by separating them with commas:
?issue_types=hsts_incorrect_v2,tls_weak_protocol,insecure_cookiesOnce the correct query structure is used, the API will return the active issues as expected.
Comments
0 comments
Article is closed for comments.