Overview of Authentication
This document is for:
Invicti Standard, Invicti Enterprise On-Premises, Invicti Enterprise On-Demand
When you plan to use Invicti to scan a web application that contains some pages with login credentials and configurations, you first need to add those details to your Scan Options authentication fields. This is important because it enables the scanner to determine whether it is logged in or logged out during a scan.
For further information, see Invicti Enterprise Scan Options Fields and Invicti Standard Scan Options Fields.
Supported Authentication Methods in Invicti
There are multiple forms of Authentication supported in Invicti Enterprise and Invicti Standard:
- Configuring and Verifying Form Authentication in Invicti Enterprise
- Configuring Form Authentication with OTP
- Configuring Form Authentication in Invicti Standard
- Verifying the Form Authentication Configuration in Invicti Standard
- Configuring Basic, Digest, NTLM/Kerberos Authentication
- Configuring Header Authentication
- Configuring Client Certificate Authentication
- Configuring OAuth2 Authentication
There are forms of Authentication supported only in Invicti Standard:
- Configuring Smart Card Authentication in Invicti Standard
- HMAC Authentication via Scripting in Invicti Standard
- Manual Authentication
For further information, see Logout Problems and Interactive Logins in Invicti Standard.