anyone have experience with a scanning tool like a...
# support-questions-legacys
sarah039197
03/07/2023, 2:34 PManyone have experience with a scanning tool like acuentix? i have an app i would like to be scanned, but i use passwordless auth, which their scanner isnt built to handle. they have a section where they allow custom cookies to be passed in.. is there some way i could make a long lived cookie for scanning purposes?
r
rp_st
03/07/2023, 5:03 PMHey @sarah039197
rp_st
03/07/2023, 5:04 PMYou can use our JWT recipe to issue tokens with arbitrary lifetime, and add that to cookies and consume / verify it in the acuentix service.
s
sarah039197
03/07/2023, 8:42 PMthanks! i generated a jwt, now how would i test using it to access my app running on localhost?
sarah039197
03/07/2023, 8:46 PMi think im mostly just unsure what the cookie key would be. these are the cookie values i see when i log in w/ passwordless auth.. maybe sAccessToken?
sarah039197
03/07/2023, 8:50 PMI tried using that key and passing in the jwt, but no luck. i have the app wrapped in passwordless auth, so i just get redirected to the sign in page
r
rp_st
03/08/2023, 5:29 AMi would need more details on what you are doing:
- how are you generating the jwt and sending it to the frontend - which API?
- Once the JWT is in the cookie, what is it used for next?
- Does the JWT get sent to the other service? Whats the url of the service?
This isssue is a little too vague for me to help out on. The more details you provide, the more helpful.
4 Views