There are several ways to provide authentication credentials so Veracode can scan your application. If you uploaded a CSV file containing the URLs and their respective login credentials, some of this information is already prepopulated for you, depending on the information provided.
- If you want Veracode to automate the login to your applications, you can provide the username and password credentials, and Veracode directly logs in to your application during the Dynamic Analysis. You can combine auto-login authentication with basic authentication.
- Basic Authentication
- The basic authentication method provides information for a site that uses basic or browser-based authentication where the browser prompts you for credentials in its own pop-up window. You can use a browser-based type of login by itself or in combination with auto-login or form-based authentication. Enter the username and password you want Veracode to use. Optionally, you can enter the domain name.
- Form-Based Login
- If your application uses a customized or complex form for its login, record and upload a login sequence that Veracode uses to automatically log in to your application. You can combine form-based login authentication with basic authentication.