Skip to main content

⚙️ Parameters Reference

Here is the list of all available parameters in the escaperc. Some of them are detailed more thorougly in their dedicated documentation section.


The parameters related to the scan.

JSON Schema example
"scan": {
"blacklist": {},
"hotstart": [
"profile": "surface | default | deep | unrestricted",
"read_only": "true | false",
"scalars": {
"**value**": {}
"whitelist": [

  • Blacklist : The operations that will be skipped by security tests. See more in the dedicated documentation section..
  • Hotstart : Raw queries to hotstart the API exploration.
  • Profile : The scan profile. Must be one of ['surface', 'default', 'deep', 'unrestricted'].
  • Read only : The choosen mode for the tested API. Default mode is read-write and suited to development environment. The read_only mode is safe for production environments, but will reduce the number of tests performed and the scan coverage..
  • Scalars : The user's defined scalars.
  • Whitelist : Whitelisted raw queries to explore the API.


All parameters available in our client:

JSON Schema example
"client": {
"concurrent_connection": "**value**",
"concurrent_tasks": "**value**",
"proxy": {},
"request_timeout": "**value**",
"requests_per_minute": "**value**"

  • Concurrent connection : The maximum size of the connections pool.
  • Concurrent tasks : The maximum number of parallel tasks.
  • Proxy : The Proxy to use for the requests. See more in the Scan Internal APIs documentation section.
  • Request timeout : The maximum timeout duration for each request (in seconds). See more in the dedicated documentation section.
  • Requests per minute : The maximum number of request per minute. Which will be used on a per second window.


The PyMultiAuth authentication configuration. See advanced configuration documentation.

JSON Schema example
"authentication": {
"methods": {},
"users": {}

  • Methods : The methods as descibed in PyMultiAuth.
  • Users : The users as descibed in PyMultiAuth.


See the Custom Payload documentation.


See the Security Reference.