Authentication methods
SecBot supports several different authentication methods to execute tests while logged in. The currently supported authentication methods are:
- Login form based
- Basic authentication
- Bearer token
- Client certificate
Please contact the support if you have questions regarding the authentication options or if the authentication used by you seems to be missing.
Login form based
The Login form based authentication option supports several widely-used login forms where a username and a password has to be provided. An additional CSRF token can be defined.
Basic authentication
Basic authentication where the credentials are sent in the Authorization
is also supported. A username and
a password have to be provided.
Bearer token
Bearer token authentication which is often used for API access is also supported. A bearer token prefix (typically Bearer
)
and the actual Bearer token have to be provided.
Client certificate
Client certificate authentication where the client uses a certificate to identify is also supported. The actual certificate and (if used) the certificate import password have to be provided. The client certificate has to be in the PKCS #12 (.p12 or .pfx) format and needs to be converted to Base64 before it can be used with SecBot.