Burp Suite Enterprise Edition is now available in our secure Cloud  –  Learn more
Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Enterprise Edition

Configuring authentication for web apps

  • Last updated: July 16, 2024

  • Read time: 1 Minute

Adding authentication credentials for web app sites enables Burp Scanner to discover and audit content that is only accessible to authenticated users.

You can add the following types of authentication credentials:

  • Site login details
  • Platform authentication details

Note

This page explains how to configure web app authentication. For information on how to configure API authentication, see Adding new APIs.

Configuring login details

Adding login credentials for a web app site enables Burp Scanner to discover and audit content that is only accessible to authenticated users.

There are two types of login credential that you can add in Burp Suite Enterprise Edition:

  • Username and password pairs are intended for web apps that use a basic, single-step login mechanism.
  • Recorded login sequences are intended for web apps that use more complex login mechanisms, such as Single Sign-On.

You can only use one of the available login mechanisms per site.

Related pages

Configuring platform authentication details

Adding credentials for NTLM and HTTP Basic authentication enables Burp Scanner to automatically authenticate to destination web servers at the platform level.

Related pages

Configuring platform authentication

Was this article helpful?