FAQs
Check the integration debug log (see Debug Log Reporting) for the specific error. Common causes are:
-
The Access Role is not attached to the authentication method, or does not include the secret path in its permissions.
-
The Credential ID is incorrect. Verify the exact path in the Akeyless console — paths are case-sensitive.
-
The Akeyless host field points to the wrong endpoint. For SaaS, use api.akeyless.io. For a self-hosted gateway, use the gateway's hostname.
-
Ensure the certificate has been registered as an allowed certificate in the Akeyless Certificate Auth Method, and that an Access Role is attached to that method.
-
If using a passphrase-protected key, confirm the passphrase is entered correctly in the Passphrase For Private Key field.
-
If using a self-hosted gateway, verify the SSL certificate of the gateway is trusted by the scanner, or consider testing with "Verify SSL" disabled.
-
UID tokens have a limited lifetime. If storing the token directly, verify it has not expired. Consider using the Universal Identity Token File option so the token can be rotated on disk without updating the scan credential.
-
Verify the uid-token value does not contain trailing whitespace or newline characters. The integration strips trailing whitespace from file-based tokens automatically.
-
If using a rotated secret, confirm that Secret Type is set to rotated in the scan credential. Using the static endpoint against a rotated secret does not return the current rotation values.
-
Credential values are cached for the duration of a single scan run. If credentials were rotated mid-scan, restart the scan to pick up the new values.