Support
Scans

Configuring Header Authentication

This document is for:
Invicti Standard, Invicti Enterprise On-Premises, Invicti Enterprise On-Demand

Invicti supports the Header Authentication mechanism, enabling you to configure scans for websites that require Header authentication.

Header Authentication Fields

This table lists and explains the fields in the Authentication HTTP Headers section.

Field

Description

Enabled

Select to enable Header Authentication. All listed HTTP headers will be added to all HTTP requests.

New Authentication Header

Click to add a new Authentication Header.

Name

Enter the header name. It must contain only ASCII characters.

Value

Enter the header value.

Add Authorization Header

Click this button to open a dialog for entering a header.

How to Configure Header Authentication in Invicti Enterprise

  1. Log in to Invicti Enterprise.
  2. From the main menu, click Scans, then New Scan. The New Scan window is displayed.
  3. From the Authentication tab, select Header. The Header section is displayed.
  4. Select the Enabled checkbox.

  1. Click New Authentication Header.
  2. Complete the Name and Value fields.
  3. Click Add Authorization Header if required. The Add Authorization HTTP Header dialog is displayed.

  1. Select from the Type dropdown.

  1. Enter Credentials
  2. Click Save.

How to Configure Header Authentication in Invicti Standard

  1. Open Invicti Standard.
  2. From the Home tab, click New. The Start a New Website or Web Service Scan dialog is displayed.
  3. Click the Header tab.
  4. In the Authentication HTTP Headers section, check Enabled.
  5. In the Name field, enter the name.
  6. In the Value field, enter the value.
  7. Click Add Authorization Header if required. The Add Authorization HTTP Header dialog is displayed.

  1. Select from the Type dropdown

  1. Enter Credentials
  2. Click Save.