Common Error Messages¶
This page lists common error messages you may encounter in Mayo ASPM and how to resolve them.
Scanning errors¶
"Failed to clone repository"¶
Cause: The GitHub App can't access the repository.
Fix:
- Verify the GitHub App is installed on the repo's organization.
- Verify the repo is included in the App's repository access.
- Click Sync Now in GitHub integration settings.
"Scanner timed out"¶
Cause: The scanner exceeded its time limit.
Fix:
- Check repository size — very large repos may need longer timeouts.
- For Semgrep, try reducing the rule set to security-focused rules only.
- Enterprise users can request extended timeouts.
"Scan limit exceeded"¶
Cause: You're on the Free tier and already have a scan running.
Fix: Wait for the current scan to complete, or upgrade to Pro for 5 concurrent scans.
Policy errors¶
"Rego parse error"¶
Cause: Syntax error in your Rego code.
Common fixes:
| Issue | Wrong | Correct |
|---|---|---|
| Assignment | decision = "accept" |
decision := "accept" |
Missing if |
decision := "accept" { } |
decision := "accept" if { } |
| Missing import | (none) | import rego.v1 |
"Conflicting rules for decision"¶
Cause: Two rules produce different values for the same output.
Fix: Ensure rules are mutually exclusive. Add conditions to prevent overlap. See Policy troubleshooting.
"Invalid package for policy kind"¶
Cause: The package name in your Rego doesn't match the policy kind.
Fix: Use the exact package name for your policy kind: mayo.triage, mayo.priority, mayo.ownership, mayo.project, or mayo.pr_scan.
Authentication errors¶
"Invalid or expired API key"¶
Possible causes:
- API key was revoked — check Settings > Integrations > API Keys
- API key expired — check the expiry date
- Typo in the key — copy-paste the full key value
- Trailing whitespace — trim the key in your environment variable
"Insufficient permissions"¶
Error: {"error": {"code": "insufficient_permissions", "message": "API key lacks scans:write permission"}}
Fix: Create a new API key with the required permissions. Key permissions can't be modified after creation.
"Token expired"¶
Fix: Use the refresh token to get a new access token:
curl -X POST https://mayoaspm.com/api/auth/refresh \
-H "Content-Type: application/json" \
-d '{"refresh_token": "your_refresh_token"}'
Integration errors¶
"GitHub App installation not found"¶
Cause: The GitHub App was uninstalled.
Fix: Re-install from Settings > Integrations > GitHub > Install GitHub App.
"Jira connection expired"¶
Fix: Go to Settings > Integrations > Jira > Reconnect and re-authorize.
"Webhook delivery failed"¶
Cause: The webhook URL is unreachable from Jira.
Fix:
- For Jira Cloud — usually transient; check status.mayoaspm.com
- For Jira Data Center — verify outbound connectivity to
mayoaspm.com - If persistent, go to Settings > Integrations > Jira > Repair Webhook
Ticket errors¶
"Required field missing in Jira"¶
Cause: Your Jira project has a required custom field that isn't mapped.
Fix: Configure the custom field mapping in Settings > Integrations > Jira > Custom Fields.
"Jira user not found"¶
Cause: The Mayo ASPM user doesn't have a linked Jira account.
Fix:
- Update the user's profile to include their Jira username.
- Or configure the ownership policy to use team assignment instead of individual assignment.
Rate limit errors¶
"Rate limit exceeded"¶
Error: {"error": {"code": "rate_limited", "message": "Rate limit exceeded. Retry after 32 seconds."}}
Fix: Wait for the Retry-After period, then retry. See Rate limits for details on limits by tier.
General errors¶
"Internal server error" (500)¶
Steps:
- Note the
X-Request-IDfrom the response header. - Retry the request — transient errors may resolve.
- If persistent, contact support@mayoaspm.com with the request ID.
Next steps¶
- Scanning issues
- Integration issues
- API error codes — full error code reference