Set up automation for generating token for original request

[stevieg27]

Hi team,

As discussed with earlier with ankush currently during scheduled scans akto can only use original request which contains the tokens which are already invalid ( generally it would be mostly valid for 15 minutes - 1 hour max ). So it would result in unauthenticated response from the server and the scan results would be incomplete. It would be great if we could have functionality where akto can automatically create token by already provided credentials and attach to those original request which would result in better meaningful scan results.

[professorabhay]

Hi @stevieg27 @ankush-jain-akto @Ankita28g, It will be an helpful feature.
Please look into that https://github.com/professorabhay/files/blob/main/automatedToken.java
I am interested to work on it under guidance !! 🙂

[Ankita28g]

thanks @stevieg27 and @professorabhay

let us get back to you! :)

[ankush-jain-akto]

Hi @stevieg27

We have this feature now.

1. Create a Test Role with automated (or hard-coded) auth token.
2. Use this new role for running test.

It does exactly what you suggested. It fetches fresh credentials and attaches them in the original request.