Trigger
Use this runbook when backend APIs are unavailable, timing out, returning 5xx errors, or rejecting valid authenticated requests.
| Step | Action | Owner | Evidence | Status |
|---|
| 1 | Identify affected endpoints and clients | Backend / QA | Endpoint list and error response | TBD |
| 2 | Test public health endpoint or known safe endpoint | Operations | HTTP status evidence | TBD |
| 3 | Test protected endpoint with valid token | Backend / QA | API response evidence | TBD |
| 4 | Check recent deployment or config change | Release Owner | Deployment record | TBD |
| 5 | Check Laravel logs and Sentry | Backend | Sanitized evidence | TBD |
| 6 | Check database, Redis, queue, and upstream service health | Operations | Health evidence | TBD |
Common Causes
| Cause | Check |
|---|
| Bad deployment | Compare deployment time with failure start |
| Database connectivity issue | Check DB health and application errors |
| Redis or queue failure | Check queue worker and Redis status |
| Auth or token issue | Compare login and protected endpoint behavior |
| Rate limiting or WAF rule | Check Cloudflare and application logs |
Recovery Criteria
- Affected endpoints return expected status codes.
- Valid authenticated users can access protected endpoints.
- No repeated critical exceptions in Sentry.
- QA smoke tests pass for login and one protected flow.