Akto WebsiteStart freeBook a demoDiscordGitHub

API Sequence

Overview

API sequences are chains of API calls that represent user or system workflows. Identifying these sequences is critical for:

  • Detecting logic-based vulnerabilities

  • Improving testing coverage

  • Understanding API usage patterns

Akto automatically detects API sequences based on traffic patterns and presents them with visual flow charts and associated statistics.

📊 API Sequence

The API Sequences Overview section gives a snapshot of the identified sequences:

  • Total Sequences: Number of detected unique API workflows

  • Total Transitions: Number of API call transitions between steps

  • Avg Probability: Likelihood of these sequences occurring in real traffic (based on behavioral analysis)

Example from your screenshot:

  • 10 Total Sequences

  • 196 Total Transitions

  • 67.1% Avg Probability

🧠 How Sequences Are Formed

Akto analyzes live traffic to group API endpoints into sequences by:

  1. Temporal Proximity – Requests made in close succession.

  2. Entity Linkage – Requests sharing IDs (like orderId, userId, sessionId).

  3. User Flow Logic – Common patterns like login → fetch profile → create order.

Each node in the sequence represents an endpoint (e.g., POST /api/users/login), and edges indicate transitions.

Get Support for your Akto setup

There are multiple ways to request support from Akto. We are 24X7 available on the following:

  1. In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.

  2. Join our discord channel for community support.

  3. Contact [email protected] for email support.

  4. Contact us here.

PreviousExplore modeNextgRPC API Coverage with Akto

Last updated

Was this helpful?