Scanning APIs with ZAP Docker image - How to provide Bearer Token?
Question
replacer.full_list(0).description=auth1
replacer.full_list(0).enabled=true
replacer.full_list(0).matchtype=REQ_HEADER
replacer.full_list(0).matchstr=apim-Key
replacer.full_list(0).regex=false
replacer.full_list(0).replacement=keyvalue12345
Now where should I provide the Bearer Token?
& when provide it like this
replacer.full_list(0).replacement=Bearer --bGciOiJSUzI1NiI
This space is giving problem between Bearer and Token.
Note: "" also not working
1 answers
solution1
1 2021-05-06 09:10:17
If you just want to add a header then theres an easier way - just st the environmental variables as per https://www.zaproxy.org/docs/desktop/start/features/authentication/#envvars
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
ZAP docker passive scanning results
ZAP websocket scanning
OWASP ZAP. How to use a cookie for scanning a website?
How to retrieve the results of AjaxSpider scan using the Java APIs of ZAP
How to make Bearer token invalid
How to persist bearer token on client side
Persisting a bearer token
Bearer before token in JWT
how to use ZAP JxBrowser in ZAP selenium?
bearer is for the authentication token but is for a different token?
Related Tags