Operational Playbooks

Operational Playbooks provides cross-error incident runbooks for recurring production failures such as API timeouts, authentication breakdowns, CORS policy mismatches, and rate-limit recovery. Each playbook lays out triage checkpoints, containment actions, verification criteria, and prevention controls in execution order. Use these guides during active response windows when speed and correctness both matter.

Showing 1-7 of 7.

API Timeout Playbook (502/504, Deadlines, Safe Retries)

Use this playbook to separate invalid upstream responses (502) from upstream wait expiration (504), align deadlines, and apply safe retry controls.

Authorization Denial Playbook (403 / AccessDenied / PERMISSION_DENIED)

Use this playbook to triage policy-based access denials after authentication succeeds, isolate the deny layer, and apply least-privilege remediation safely.

Auth Incident Playbook (401 / UNAUTHENTICATED)

Run this incident playbook when services return 401 or UNAUTHENTICATED, using challenge semantics, bearer-token validation, and credential-source tracing to restore identity proof.

CORS Error Fix Playbook (Preflight, Origin, Credentials)

Use this playbook to resolve browser-blocked cross-origin requests by validating preflight behavior, origin policy, and credential rules, then proving safe recovery.

Rate Limit Recovery Playbook (429, Throttling, Quotas)

Use this playbook to separate transient throttling from hard quota exhaustion, then apply safe retries, traffic shaping, and quota-capacity remediation.

Resource State Playbook (404 / 410 / ResourceNotFound)

Use this playbook to separate temporary missing-resource lookups from permanent removals, then fix scope, lifecycle, and identifier drift safely.

Validation Failure Playbook (400 / 422 / INVALID_ARGUMENT)

Use this playbook to separate malformed-request failures from semantic validation failures, then fix request contracts without broad server-side bypasses.