rahul
Reputation: 11
Scanning APIs with ZAP Docker image - How to provide Bearer Token?
replacer.full_list(0).description=auth1
replacer.full_list(0).enabled=true
replacer.full_list(0).matchtype=REQ_HEADER
replacer.full_list(0).matchstr=apim-Key
replacer.full_list(0).regex=false
replacer.full_list(0).replacement=keyvalue12345
Now where should I provide the Bearer Token?
& when provide it like this
replacer.full_list(0).replacement=Bearer --bGciOiJSUzI1NiI
This space is giving problem between Bearer and Token.
Note: "" also not working
Upvotes: 1
Views: 631
Answers (1)
Simon Bennetts
Reputation: 6196
If you just want to add a header then theres an easier way - just st the environmental variables as per https://www.zaproxy.org/docs/desktop/start/features/authentication/#envvars
Upvotes: 2
Related Questions
- Owasp ZAP not performing authentication during active scan using "Form-Based-Authentication" ON python project
- Header Based Authentication in Owasp zap
- How to perform form based authentication in ZAP docker instead headless scanning
- Set authentication header in zap docker based API scan
- Including Keycloak authentication for docker OWASP ZAP container
- How to run ZAP Scan to scan another container
- Zap docker - Active scan
- Scanning Rest API's through OWASP zap inside a docker environment
- How to run OWASP Zed Attack Proxy ZAP's zap-api-scan.py without requiring docker
- Pass login parameters to scan with owasp zap on docker command