API sequences are chains of API calls that represent user or system workflows. Identifying these sequences is critical for:
Detecting logic-based vulnerabilities
Improving testing coverage
Understanding API usage patterns
Akto automatically detects API sequences based on traffic patterns and presents them with visual flow charts and associated statistics.
The API Sequences Overview section gives a snapshot of the identified sequences:
Total Sequences: Number of detected unique API workflows
Total Transitions: Number of API call transitions between steps
Avg Probability: Likelihood of these sequences occurring in real traffic (based on behavioral analysis)
Example from your screenshot:
10 Total Sequences
196 Total Transitions
67.1% Avg Probability
Akto analyzes live traffic to group API endpoints into sequences by:
Temporal Proximity – Requests made in close succession.
Entity Linkage – Requests sharing IDs (like orderId, userId, sessionId).
orderId
userId
sessionId
User Flow Logic – Common patterns like login → fetch profile → create order.
login → fetch profile → create order
Each node in the sequence represents an endpoint (e.g., POST /api/users/login), and edges indicate transitions.
POST /api/users/login
There are multiple ways to request support from Akto. We are 24X7 available on the following:
In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.
intercom
Join our discord channel for community support.
Contact help@akto.io for email support.
help@akto.io
Contact us here.
Last updated 2 months ago
