Support
Scan Agents

Encrypting the Agent Token

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

Encrypting the Agent Token is a fundamental security measure you can take to safeguard sensitive information and enhance the integrity of your system. By encrypting the Agent Token, you can mitigate the risk of unauthorized access or tampering with critical data transmitted between the Invicti Agent and its corresponding components.

This document provides step-by-step instructions for manually encrypting your agent token and securely storing it in the appsettings.json file.

How to encrypt the Agent Token

  1. Select Agents > Manage Agents from the left-side menu.
  2. Click + Configure New Agent.
  3. Locate the Agent Token and click the Copy to clipboard icon.

  1. Open Terminal and execute the following command, replacing <Agent Token> with the genuine Agent Token you copied from the Invicti Enterprise user interface in the previous step.

Netsparker.Cloud.Agent.exe -e <Agent Token>

  1. Terminal will return the encrypted token. Copy this token.
  2. Locate the 'appsettings.json' file for the Invicti Agent (usually under Program Files) and input the encrypted token value into the 'ApiToken' parameter.

  1. Save the file.

Your agent token is now encrypted.