Docs

ERR-001: Missing Try Catch External

External HTTP/API call has no surrounding Try/Catch block

higherror handlinguipath • power_automate • aa • blue_prism

What it detects

External HTTP/API call has no surrounding Try/Catch block Flowcerta currently surfaces this finding from the active validation pipeline for supported patterns.

Why it matters

Error-handling findings matter because unattended automations fail in ways humans do not immediately see. Without bounded retries, exception capture, and logging, a single bad dependency can create silent data loss or prolonged instability.

Example violation

An external API or HTTP call runs without a surrounding Try/Catch boundary.

Fix guidance

UiPath

  • Surround all external HTTP calls with Try/Catch and log or rethrow exceptions.
  • Use platform-native assets, credentials, bounded retries, and Log Message checkpoints instead of hardcoded literals or silent failure paths.
  • Revalidate the workflow after the change and confirm the finding no longer appears.

Power Automate

  • Surround all external HTTP calls with Try/Catch and log or rethrow exceptions.
  • Prefer environment-aware connectors, connection references, structured scopes, and explicit run-history logging.
  • Revalidate the workflow after the change and confirm the finding no longer appears.

Automation Anywhere

  • Surround all external HTTP calls with Try/Catch and log or rethrow exceptions.
  • Move sensitive values into credential vaults or externalized configuration and keep task-bot calls explicit and reviewable.
  • Revalidate the workflow after the change and confirm the finding no longer appears.

Blue Prism

  • Surround all external HTTP calls with Try/Catch and log or rethrow exceptions.
  • Use release metadata, data items, and process/page references intentionally so reviewers can trace ownership and fix paths quickly.
  • Revalidate the workflow after the change and confirm the finding no longer appears.

Verification steps

  1. Run validation again and confirm the rule no longer appears in the finding list.
  2. Review the changed workflow artifact directly to verify the risky pattern is gone.
  3. Capture the new validation result as evidence for the relevant owner or compliance review.

Compliance references

  • SOC2 CC7.2 — System Monitoring
  • HIPAA 164.308(a)(6)(ii) — Response and Reporting

Related rules

ANL-003ANL-004ERR-005

This page is generated from canonical rule seed data plus the current runtime validation mapping.

Browse all rule playbooks