Configuring OAuth 2.0 authentication

Acunetix supports the OAuth 2.0 authentication mechanism, allowing you to configure targets for web applications that require OAuth 2.0. This document explains how to add an OAuth 2.0 login sequence to a target in Acunetix.  

How to set up an OAuth 2.0 login sequence

  1. Log in to Acunetix and select Targets from the left-side navigation menu.
  2. Click on the relevant target address in your list of targets to access the Target Settings page.
  3. Scroll down to the Site Login section and click the toggle to expand the settings panel.

  4. Select Use OAuth for this site. This will expose the configuration fields.
  5. Use the drop-down to set the Grant Type to one of the OAuth2 Authentication Flow mechanisms. The supported grant types are:
     1. Authorization Code
     2. Implicit
     3. Client Credentials
     4. Password Credentials
  6. Set the Access Token URL and the Authorization URL (only for the Authorization Code grant type) for the Authentication Provider. You can obtain the URL(s) from the Authentication Provider (e.g. Google or Facebook).
  7. Set the Redirect URI for your target. This is the URI that the user will be redirected to after completing the login process with the Authentication Provider.
  8. Set the Client ID and Client Secret fields for your target. These are unique values that the Authentication Provider assigned to your web application when you registered it to use the provider's login functionality.
  9. Some OAuth 2.0 authentication flows require the State field to be populated.
  10. Set the Scope field to a space-delimited list of elements for which permission is being requested.
  11. Some OAuth 2.0 authentication flows require the Username and Password fields to be filled in.
  12. OAuth 2.0 authentication flows that require a 3-legged sequence, such as filling username and/or password fields in a separate step, or that require clicking on a Confirm or Allow button, are also supported. Click 3-Legged Sequence to launch the Login Sequence Recorder window, which presents the OAuth 2.0 Authentication Provider's dialog. When you have completed the login sequence, the window will close automatically.
  13. Click Save at the top of the Target Settings page to save the configuration.
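
As an added illustration (not Acunetix code and not part of the original page), the sketch below checks a set of OAuth 2.0 settings for common entry mistakes and builds the requests that RFC 6749 defines for three of the grant types, which is a quick way to confirm the values with your Authentication Provider before saving them. The dictionary keys, function names, required-field sets and the idp.example / app.example URLs are assumptions made for this example; the Implicit grant is not covered.

```python
from urllib.parse import urlencode, urlsplit

# Assumed required fields per grant type (RFC 6749 sections 4.1, 4.3, 4.4).
REQUIRED = {
    "authorization_code": ["authorization_url", "access_token_url",
                           "client_id", "redirect_uri"],
    "client_credentials": ["access_token_url", "client_id", "client_secret"],
    "password": ["access_token_url", "username", "password"],
}

# Constructed sample settings; every value is a placeholder.
SAMPLE = {
    "grant_type": "authorization_code",
    "authorization_url": "https://idp.example/authorize",
    "access_token_url": "https://idp.example/token",
    "redirect_uri": "https://app.example/callback",
    "client_id": "sample-client", "client_secret": "sample-secret",
    "scope": "openid profile", "state": "xyz123",
}

def check_settings(cfg):
    """Return a list of problems found in an OAuth 2.0 settings dict."""
    grant = cfg.get("grant_type")
    if grant not in REQUIRED:
        return [f"grant type not covered by this sketch: {grant!r}"]
    problems = [f"missing {name}" for name in REQUIRED[grant] if not cfg.get(name)]
    for name in ("authorization_url", "access_token_url"):
        url = cfg.get(name)
        if url and urlsplit(url).scheme != "https":
            problems.append(f"{name} is not https")
    if "," in (cfg.get("scope") or ""):
        problems.append("scope must be space-delimited, not comma-separated")
    return problems

def authorization_request(cfg):
    """First leg of the Authorization Code flow: URL opened in the browser."""
    params = {"response_type": "code", "client_id": cfg["client_id"],
              "redirect_uri": cfg["redirect_uri"]}
    params.update({k: cfg[k] for k in ("scope", "state") if cfg.get(k)})
    return cfg["authorization_url"] + "?" + urlencode(params)

def token_request_body(cfg, code=None):
    """Form body POSTed to the Access Token URL. The client secret is not
    placed here; it is normally sent with HTTP Basic authentication."""
    grant = cfg["grant_type"]
    body = {"grant_type": grant}
    if grant == "authorization_code":
        body.update(code=code, redirect_uri=cfg["redirect_uri"],
                    client_id=cfg["client_id"])
    elif grant == "password":
        body.update(username=cfg["username"], password=cfg["password"])
    if grant != "authorization_code" and cfg.get("scope"):
        body["scope"] = cfg["scope"]
    return urlencode(body)
```
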
