5 endpoints every engineering team should monitor (but most don't).

You're probably monitoring the wrong things

When engineering teams first set up uptime monitoring, they almost always start with the same thing: their homepage. While that's a reasonable starting point, it misses the vast majority of where real failures happen.

After analyzing incident data from thousands of Sola customers, we found that most user-impacting outages originate in endpoints that teams either forgot to monitor or didn't think to add. Here are the five that matter most.

1. Your authentication endpoint

If users can't log in, nothing else matters. Your /auth/login or equivalent endpoint should be checked every minute from multiple regions. A slow auth endpoint — even one returning 200s — is often the first sign of a database problem or third-party identity provider issue.

A basic Sola HTTP check for your auth endpoint looks like this:

{
  "url": "https://api.yourapp.com/auth/login",
  "method": "POST",
  "headers": { "Content-Type": "application/json" },
  "body": { "email": "healthcheck@yourapp.com", "password": "[monitor-secret]" },
  "assertions": [
    { "type": "status_code", "value": 200 },
    { "type": "response_time_ms", "lt": 1000 }
  ]
}

{
  "url": "https://api.yourapp.com/auth/login",
  "method": "POST",
  "headers": { "Content-Type": "application/json" },
  "body": { "email": "healthcheck@yourapp.com", "password": "[monitor-secret]" },
  "assertions": [
    { "type": "status_code", "value": 200 },
    { "type": "response_time_ms", "lt": 1000 }
  ]
}

{
  "url": "https://api.yourapp.com/auth/login",
  "method": "POST",
  "headers": { "Content-Type": "application/json" },
  "body": { "email": "healthcheck@yourapp.com", "password": "[monitor-secret]" },
  "assertions": [
    { "type": "status_code", "value": 200 },
    { "type": "response_time_ms", "lt": 1000 }
  ]
}

2. Your payment processing webhook

Payment webhooks are notoriously difficult to monitor because they're event-driven. The way to monitor them is to set up a synthetic transaction and verify that the webhook fires and your endpoint responds correctly within your SLA window. Teams that skip this often discover payment failures only when finance flags missing revenue.

3. Your CDN origin check

Your CDN might be serving cached content perfectly while your origin server is completely down. Users won't notice immediately, but cache expiry will eventually expose the problem at the worst possible moment. Add a direct monitor to your origin URL that bypasses the CDN.

# Monitor your origin directly, bypassing CDN cache
GET https://origin.yourapp.com/healthz
Headers:
  Cache-Control: no-cache
  X-Bypass-CDN: true

Expected: 200 OK, response_time < 500ms

# Monitor your origin directly, bypassing CDN cache
GET https://origin.yourapp.com/healthz
Headers:
  Cache-Control: no-cache
  X-Bypass-CDN: true

Expected: 200 OK, response_time < 500ms

# Monitor your origin directly, bypassing CDN cache
GET https://origin.yourapp.com/healthz
Headers:
  Cache-Control: no-cache
  X-Bypass-CDN: true

Expected: 200 OK, response_time < 500ms

4. Your database health endpoint

Most modern frameworks support a /health or /healthz endpoint that checks database connectivity. If you've built one but aren't monitoring it externally, you're missing one of the highest-signal indicators of impending failure.

5. Your third-party dependency checks

Your service is only as reliable as the external APIs it depends on. Here's a quick reference for monitoring the most common third-party dependencies: