This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
Netsparker is pleased to announce a new feature in our Netsparker Standard 5.3 release. Netsparker Standard now supports the OAuth2 authentication mechanism. OAuth2 is an authorization framework that enables a third-party application to obtain limited access to an HTTP service.
This new feature in Netsparker Standard will enable you to configure scans for websites that require OAuth2 authentication. Our OAuth2 authentication mechanism supports all grant types and has a Custom flow option for token-based authentication.
With the new OAuth2 feature, Netsparker automates the login process, which means that you can scan REST APIs or websites that support this type of authentication. In addition, the Custom flow type allows Netsparker to automate the process of any token-based authentication.
For further information, see Configuring OAuth2 Authentication in Netsparker Standard.