Authentication Profiles

You can save a custom script for form authentication in Acunetix 360 and use it many times for different websites.

Acunetix 360 automates the authentication when it matches the URL at the beginning of the crawling process.

So, you do not have to configure form authentication for websites utilizing the same authentication procedure. The authentication profile also works for Single Sign-On (SSO) providers such as Microsoft and Google.

Information

If you configured a form authentication and saved an authentication profile at the same time, Acunetix 360 prioritizes form authentication. 


Please note that, for demonstration purposes, we will add a Microsoft SSO and scan a website requiring a Microsoft SSO.

Configuring Authentication Profile in Acunetix 360

How to Create an Authentication Profile in Acunetix 360
  1. Log in to Acunetix 360.
  2. From the main menu, select Scans > Authentication Profiles.
  3. In the Authentication Profiles window, enter a login form URL and select + Add Script.
  4. Complete the remainder of the adding a custom script as described in the Custom Scripts for Form Authentication.
  5. Then, enter a Name and a Trigger URL to save the authentication profile. Select Save.

Once you save an authentication profile, you can use this profile to scan your website(s).

How to Scan a Website with an Authentication Profile
  1. From the main menu, select Scans > New Scan.
  2. In the Target URL field, enter the URL.
  3. Complete the remainder of the fields, as described in Acunetix 360 New Scan Fields and Acunetix 360 Scan Options Fields.
  4. From the Authentication Profiles drop-down, select one of the following options:
  • (Do Not Use)
  • (Use Matched Profile)
  • Your Custom Profile (Microsoft, in this example)
  1. Select Launch.
How to Run a Group Scan with an Authentication Profile
  1. From the main menu, select Scans > New Group Scan.
  2. From the Website Group drop-down, select the website group you want to scan.
  3. Complete the remainder of the fields, as described in How to Scan a Website in Acunetix 360.
  4. From the Authentication Profiles drop-down, select one of the following options:
  • (Do Not Use)
  • (Use Matched Profile)
  • Your Custom Profile (Microsoft, in this example)
  1. Select Launch.

Since an authentication profile is selected, there is no need to configure a Form Authentication. Acunetix 360 uses the authentication profile and can authenticate.

How to Edit an Authentication Profile in Acunetix 360
  1. From the main menu, select Scans > Authentication Profiles.
  2. Next to the relevant profile, select Edit.
  3. Make changes in the Custom Script Editor window. Enter a new name and a trigger URL, if necessary.
  4. Select Save.
How to Delete an Authentication Profile in Acunetix 360
  1. From the main menu, select Scans > Authentication Profiles.
  2. Next to the relevant profile, select Delete.
  3. From the Deleting Authentication Profile dialog, select Delete.


 
« Back to the Acunetix Support Page