Skip to content

Authentication methods

SecBot supports several different authentication methods to execute tests while logged in. The currently supported authentication methods are:

  • Login form based
  • Basic authentication
  • Bearer token
  • Client certificate

Please contact the support if you have questions regarding the authentication options or if the authentication used by you seems to be missing.

Login form based

The Login form based authentication option supports several widely-used login forms where a username and a password has to be provided. An additional CSRF token can be defined.

Basic authentication

Basic authentication where the credentials are sent in the Authorization is also supported. A username and a password have to be provided.

Bearer token

Bearer token authentication which is often used for API access is also supported. A bearer token prefix (typically Bearer) and the actual Bearer token have to be provided.

Client certificate

Client certificate authentication where the client uses a certificate to identify is also supported. The actual certificate and (if used) the certificate import password have to be provided. The client certificate has to be in the PKCS #12 (.p12 or .pfx) format and needs to be converted to Base64 before it can be used with SecBot.