Credentials in WAS Scans
Note: The topics in this section describe credentials in the new interface only. If you activate the new interface, you can view a snapshot of historical credentials that you configured in the classic interface, but you cannot modify those credentials.
For information about credentials in the classic interface, see Credentials (Classic Interface).
Note: You can set Credentials settings for single-target scans only. If you create a scan with more than one target, these settings are not available.
In web application scans, you can configure credentials settings that allow Tenable.io Web Application Scanning to perform an authenticated scan on a web application. Credentialed scans can perform a wider variety of checks than non-credentialed scans, which can result in more accurate scan results.
Scans in Tenable.io Web Application Scanning use managed credentials. Managed credentials allow you to store credential settings centrally in a credential manager. You can then add those credential settings to multiple scan configurations instead of configuring credential settings for each individual scan.
Web application scans support credentials in the following authentication types:
You can configure credentials settings in web application scans using the following methods:
| Credentials Category | Authentication Type | Configuration Method |
|---|---|---|
| HTTP Server Authentication | – | Use the Tenable.io Web Application Scanning user interface to manually configure credentials settings in scans. |
| Web Application Authentication | Login Form | |
| | Cookie Authentication | |
| | Selenium Authentication | Do one of the following: Tip: For information about Selenium scripts you can use with Tenable.io Web Application Scanning, see WAS Selenium Commands. |
| | API Key | Use the Tenable.io Web Application Scanning user interface to manually configure credentials settings in scans. |
| | Bearer Authentication | |