Authentication Reference
AuthenticationConfiguration¶
| Property | Type | Default | Description |
|---|---|---|---|
$schema | string | null | The schema of the configuration file |
presets | List[BasicPreset,CognitoUserpassPreset,DigestPreset,GraphQLPreset,HTTPPreset,HeadersPreset,OAuthClientCredentialsPreset,OAuthUserpassPreset,PlaywrightPreset,cURLPreset,cURLSequencePreset] | null | A list of presets used to easily generate procedures and users automatically following common authentication standards |
procedures | List[Procedure] | null | The list of authentication procedures to rely on when authenticating users |
proxy | string | null | An eventual global proxy used for all HTTP requests |
users | List[User] | null | List of users that multiauth will generate authentications for. |
validation | boolean | null | A flag to enable or disable the generated tokens validations. Set this to false to skip the validation. Set to true by default |
Objects¶
AuthenticationVariable¶
| Property | Type | Default | Description |
|---|---|---|---|
name* | string | The name of the variable | |
value* | string | The value of the variable |
BasicPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
type* | Const[basic] | basic | |
users* | List[BasicUserPreset] | A list of users with basic credentials to create |
BasicUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
headers | Dict[string, string] | null | Optional headers injected during the authentication process and in authentified requests. |
password* | string | The Basic password of the user. | |
username* | string | The Basic username of the user. |
BrowserExtraction¶
| Property | Type | Default | Description |
|---|---|---|---|
jq | string | null | The jq expression to extract the value from the session storage item |
key* | string | The key to use for the extracted value, depending on the location. In the case of Page location, this represents a Playwright selector | |
location* | BrowserLocation | The location of the browser where the value should be extracted. | |
name* | string | The name of the variable to store the extracted value into that will be used for injection | |
origin* | string | The URL of the page, origin of the local/session storage, or cookies where the value should be extracted. | |
regex | string | null | The regex to use to extract the token from the key value. By default the entire value is taken. |
BrowserInjection¶
| Property | Type | Default | Description |
|---|---|---|---|
key* | string | The key to use for the injected token. Its usage depends on the location. | |
location* | BrowserLocation | The location of the browser where the token should be injected | |
origin* | string | The origin of the local storage or session storage where the token should be injected | |
variable* | string | The name of a variable to retrieve to create the token's value. If not provided, the token will be infered as the first successful extraction of the procedure |
CognitoUserpassPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
client_id* | string | The client ID to use for the OAuth requests | |
client_secret* | string | The client secret to use for the OAuth requests | |
region* | AWSRegion | The region of the Cognito Service. | |
type* | Const[cognito_userpass] | cognito_userpass | |
users* | List[CognitoUserpassUserPreset] | A list of users to create |
CognitoUserpassUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
headers | Dict[string, string] | null | Optional headers injected during the authentication process and in authentified requests. |
password* | string | The password of the user. | |
scopes | List[string] | null | A list of scopes to request for the user. If not specified, no scope will be requested. |
username* | string | The username of the user. |
Credentials¶
| Property | Type | Default | Description |
|---|---|---|---|
body | object | null | A body to merge with the bodies of every HTTP requests sent for this user |
cookies | List[HTTPCookie] | A list of cookies to attach to every HTTP requests sent for this user | |
headers | List[HTTPHeader] | A list of headers to attach to every HTTP requests sent for this user | |
local_storage | Dict[string, Dict[string, string]] | null | A dictionary of origins and key values for a local storage to attach to the user |
password | string | null | The password to attach to the HTTP requests sent for this user. See developer.mozilla.org |
queryParameters | List[HTTPQueryParameter] | A list of query parameters to attach to every HTTP requests sent for this user | |
session_storage | Dict[string, Dict[string, string]] | null | A dictionary of origins and key values for a session storage to attach to the user |
username | string | null | The username to attach to the HTTP requests sent for this user. See developer.mozilla.org |
DigestOperation¶
| Property | Type | Default | Description |
|---|---|---|---|
extractions* | Union[BrowserExtraction,HTTPExtraction] | ||
parameters* | DigestRequestSequence | The parameters of the HTTP requests executed during the digest procedure.It features two HTTP requests: the first one is the one that returns the WWW-Authenticate header,and the second one is the one that uses the digest authentication. | |
tech* | Const[digest] | digest |
DigestPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
first_request* | HTTPRequestPreset | The parameters of the first HTTP request executed during the digest procedure.It is the one that returns the WWW-Authenticate header. | |
second_request | DigestSecondRequestConfiguration | null | The parameters of the second HTTP request executed during the digest procedure.It is the one that uses the digest authentication. By default, parameters of the first request are used. |
type* | Const[digest] | digest | |
users* | List[BasicUserPreset] | The list of users to generate tokens for. |
DigestRequestSequence¶
| Property | Type | Default | Description |
|---|---|---|---|
first_request* | HTTPRequestParameters | The parameters of the first HTTP request executed during the digest procedure.It is the one that returns the WWW-Authenticate header. | |
second_request | DigestSecondRequestConfiguration | null | The parameters of the second HTTP request executed during the digest procedure.It is the one that uses the digest authentication. By default, parameters of the first request are used. |
DigestSecondRequestConfiguration¶
| Property | Type | Default | Description |
|---|---|---|---|
method | HTTPMethod | null | The method of the second HTTP request executed during the digest procedure.By default, the method of the first request is used. |
url | string | null | The URL of the second HTTP request executed during the digest procedure.By default, the URL of the first request is used. |
GraphQLPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
extractions | List[HTTPExtraction] | The extractions of the GraphQL query containing the user credentials. | |
injections | List[HTTPInjection] | The injections of the GraphQL query containing the user credentials. | |
query* | string | The templated GraphQL inside the query field of the JSON body of the HTTP request. | |
type* | Const[graphql] | graphql | |
url* | string | The URL of the GraphQL authentication endpoint. | |
users* | List[GraphQLUserPreset] | A list of users with credentials contained in the GraphQL variables of the query |
GraphQLUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
headers | Dict[string, string] | null | Optional headers injected during the authentication process and in authentified requests. |
username* | string | The name of the user. | |
variables* | Dict[string, string] | The variables of the GraphQL query containing the user credentials. |
HTTPCookie¶
| Property | Type | Default | Description |
|---|---|---|---|
name* | string | ||
values* | List[string] |
HTTPExtraction¶
| Property | Type | Default | Description |
|---|---|---|---|
key* | string | The key to use for the extracted value, depending on the location | |
location* | HTTPLocation | The location of the HTTP request where the value should be extracted | |
name* | string | The name of the variable to store the extracted value into | |
regex | string | null | The regex to use to extract the token from the key value. By default the entire value is taken. |
HTTPHeader¶
| Property | Type | Default | Description |
|---|---|---|---|
name* | string | ||
values* | List[string] |
HTTPInjection¶
| Property | Type | Default | Description |
|---|---|---|---|
key* | string | The key to use for the injected token. Its usage depends on the location. For headers, cookies,and query parameters, this key describes the name of the header, cookie or query parameter. For a body location, the key is the field where the token should be injected within the request bodies | |
location* | HTTPLocation | The location of the HTTP request where the token should be injected | |
prefix | string | null | A prefix to prepend to the token before it is injected |
variable* | string | The name of a variable to retrieve to create the token's value. If not provided, the token will be infered as the first successful extraction of the procedure |
HTTPOperation¶
| Property | Type | Default | Description |
|---|---|---|---|
extractions* | List[HTTPExtraction] | The list of extractions to run at the end of the operation.For HTTP operations, variables are extracted from the response. | |
parameters* | HTTPRequestParameters | The parameters of the HTTP request to send. At least a URL and a method must be provided. | |
tech* | Const[http] | http |
HTTPPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
extractions* | List[HTTPExtraction] | The token extraction configuration used to extract the tokens from the HTTP response. | |
injections* | List[HTTPInjection] | The injection configuration used to inject the tokens into the HTTP requests. | |
request* | HTTPRequestPreset | The parameters of the HTTP request used to fetch the access and refresh tokens. | |
type* | Const[http] | http | |
users* | List[HTTPUserPreset] | The list of users to generate tokens for. |
HTTPQueryParameter¶
| Property | Type | Default | Description |
|---|---|---|---|
name* | string | ||
values* | List[string] |
HTTPRequestParameters¶
| Property | Type | Default | Description |
|---|---|---|---|
body | object | null | The body of the request. It can be a string or a JSON object. It is merged with the user credentials body if provided. If bodies of the HTTP request and of the user credentials are both JSON objects, they are merged. If the two bodies are strings, they are concatenated. If the two bodies are of different types, the body of the user credentials is used instead of this value. |
cookies* | List[HTTPCookie] | The list of cookies to attach to the request. Cookies are merged with the user credentials cookies. It is possible to attach mutliple values to a cookie. Cookie values are url-encoded before being sent. | |
follow_redirects | integer | null | The number of redirects to follow |
headers* | List[HTTPHeader] | The list of headers to attach to the request. Headers are merged with the user credentials headers. It is possible to attach mutliple values to a header. | |
insecure | boolean | null | If the SSL certificate should be verified |
method* | HTTPMethod | The HTTP method to use | |
proxy | string | null | An eventual proxy used for this request |
queryParameters* | List[HTTPQueryParameter] | The list of query parameters to attach to the request. Query parameters are merged with the user credentials query parameters. It is possible to attach mutliple values to a query parameter. Query parameter values are url-encoded before being sent. | |
timeout | integer | null | The timeout of the request in seconds |
url* | string | The URL to send the request to |
HTTPRequestPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
body | object | null | The body of the request. It can be a string or a JSON object. It is merged with the user credentials body if provided. If bodies of the HTTP request and of the user credentials are both JSON objects, they are merged. If the two bodies are strings, they are concatenated. If the two bodies are of different types, the body of the user credentials is used instead of this value. |
cookies | Dict[string, string] | The list of cookies to attach to the request. Cookies are merged with the user credentials cookies. It is possible to attach mutliple values to a cookie. Cookie values are url-encoded before being sent. | |
headers | Dict[string, string] | The list of headers to attach to the request. Headers are merged with the user credentials headers. It is possible to attach mutliple values to a header. | |
method* | HTTPMethod | The HTTP method to use | |
query_parameters | Dict[string, string] | The list of query parameters to attach to the request. Query parameters are merged with the user credentials query parameters. It is possible to attach mutliple values to a query parameter. Query parameter values are url-encoded before being sent. | |
url* | string | The URL to send the request to |
HTTPUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
body | object | null | A body to merge with the bodies of every HTTP requests sent for this user |
cookies | Dict[string, string] | A dict representing the cookies to attach to every HTTP requests sent for this user | |
headers | Dict[string, string] | A dict representing the headers to attach to every HTTP requests sent for this user | |
password | string | null | The password to attach to the HTTP requests sent for this user. See developer.mozilla.org |
queryParameters | Dict[string, string] | A dict of query parameters to attach to every HTTP requests sent for this user | |
username* | string | The username to attach to the HTTP requests sent for this user. See developer.mozilla.org |
HeadersPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
type* | Const[headers] | headers | |
users* | List[HeadersUserPreset] | A list of users with basic credentials to create |
HeadersUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
headers* | Dict[string, string] | The headers of the user. | |
username* | string | The name of the user. |
OAuthClientCredentialsPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
type* | Const[oauth_client_credentials] | oauth_client_credentials | |
url* | string | The URL of the token endpoint of the OpenIDConnect server | |
users* | List[OAuthClientCredentialsUserPreset] | A list of users to create |
OAuthClientCredentialsUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
audience | string | null | The audience to request for the user. If not specified, no audience will be requested. |
client_id* | string | The client ID to use for the OAuth requests | |
client_secret* | string | The client secret to use for the OAuth requests | |
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
headers | Dict[string, string] | null | Optional headers injected during the authentication process and in authentified requests. |
scopes | List[string] | null | A list of scopes to request for the user. If not specified, no scope will be requested. |
username* | string | The arbitrary username given to the user. |
OAuthUserpassPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
client_id* | string | The client ID to use for the OAuth requests | |
client_secret* | string | The client secret to use for the OAuth requests | |
type* | Const[oauth_userpass] | oauth_userpass | |
url* | string | The URL of the token endpoint of the OpenIDConnect server | |
users* | List[OAuthUserpassUserPreset] | A list of users to create |
OAuthUserpassUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
headers | Dict[string, string] | null | Optional headers injected during the authentication process and in authentified requests. |
password* | string | The password of the user. | |
scopes | List[string] | null | A list of scopes to request for the user. If not specified, no scope will be requested. |
username* | string | The username of the user. |
PlaywrightOperation¶
| Property | Type | Default | Description |
|---|---|---|---|
extractions* | Union[BrowserExtraction,HTTPExtraction] | ||
parameters* | PlaywrightOperationParameters | The parameters of the operation. | |
tech* | Const[playwright] | playwright |
PlaywrightOperationParameters¶
| Property | Type | Default | Description |
|---|---|---|---|
additional_fields* | List[PlaywrightPresetAdditionalFields] | Additional fields to be used in the login form in the form selector:value | |
login_url | string | The url that presents the login form | |
password | string | The password that will be used to auto login | |
proxy | string | null | The proxy to use for the operation |
username | string | The username or email that will be used to auto login |
PlaywrightPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
extractions | List[BrowserExtraction] | null | The extractions used to extract from the browser like page, browser_local_storage, browser_session_storage, or browser_cookies. |
injections | Union[BrowserInjection,HTTPInjection] | null | The injection configuration used to inject the tokens into either the HTTP requests, or another browser for Frontend scans. |
login_url* | string | The url that presents the login form | |
type* | Const[playwright] | playwright | |
users* | List[PlaywrightUserPreset] | The list of users to generate tokens for. |
PlaywrightPresetAdditionalFields¶
| Property | Type | Default | Description |
|---|---|---|---|
selector* | string | The selector that will be used to get the value of the field | |
value* | string | The value that will be used to set the field |
PlaywrightUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
additional_fields* | List[PlaywrightPresetAdditionalFields] | Additional fields to be used in the login form in the form selector:value | |
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
headers | Dict[string, string] | null | Optional headers injected during the authentication process and in authentified requests. |
password* | string | The password that will be used to auto login | |
username* | string | The username or email that will be used to auto login |
Procedure¶
| Property | Type | Default | Description |
|---|---|---|---|
injections* | Union[BrowserInjection,HTTPInjection] | The list of injections to perform at the end of the procedure. Injections are used to inject the variables extracted from the procedure into the user authentication. | |
name* | string | The name of the procedure. It must be unique and is used to reference the procedure in users. | |
operations* | List[DigestOperation,HTTPOperation,PlaywrightOperation] | The list of operations executed during the procedure. An operation is a unit transaction, like an HTTP request, or a Playwright autologin script. Operations are ordered, and the variables extracted from an operation can be used in the next operations. |
User¶
| Property | Type | Default | Description |
|---|---|---|---|
credentials | Credentials | null | A set of HTTP parameters used to customize requests sent for the user. |
name* | string | The name of the user | |
procedure | string | null | The name of the procedure to use to authenticate the user.This name MUST match the name field of a procedure in the procedures list in the multiauth configuration. |
refresh | UserRefresh | null | An optional refresh procedure to follow for the user. |
repeater_mtls | boolean | null | Pass this field to true if you want to use your repeater mTLS certificates. |
variables | List[AuthenticationVariable] | List of variables that will be injected at the beginning of the user's authentication procedure. |
UserRefresh¶
| Property | Type | Default | Description |
|---|---|---|---|
credentials | Credentials | null | Credentials to use to refresh the authentication. If not provided, the user credentials will be used. |
keep | boolean | false | If true, multiauth will keep the current tokens and use a merge of the refreshed authenticationand the current one. |
procedure | string | null | An optional custom procedure to use to refresh the authentication of the user. Defaults to the user procedure if not provided. This name MUST match the name field of a procedure in the procedures list in the multiauth configuration. |
sessionSeconds | integer | null | Number of seconds to wait before refreshing the authentication. If not provided, multiauth willtry to infer the session duration from the returned variables |
variables | List[AuthenticationVariable] | null | List of variables that will be injected at the beginning of the user'srefresh procedure. If not provided, the user's variables will be used instead. |
cURLPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
extractions* | List[HTTPExtraction] | The token extraction configuration used to extract the tokens from the HTTP response. | |
injections* | List[HTTPInjection] | The injection configuration used to inject the tokens into the HTTP requests. | |
type* | Const[curl] | curl | |
users* | List[cURLUserPreset] | The list of users to generate tokens for. |
cURLSequencePreset¶
| Property | Type | Default | Description |
|---|---|---|---|
injections | List[HTTPInjection] | null | Final variables injected into the authentified requests. |
requests* | List[cURLSequenceRequestPreset] | A sequence of curl templates used to make requests and extract variables. | |
type* | Const[curl_sequence] | curl_sequence | |
users* | List[cURLSequenceUserPreset] | The list of users to generate tokens for. |
cURLSequenceRequestPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
curl* | string | A curl template used to make a request. | |
extractions | List[HTTPExtraction] | null | Variables extracted from the response that can be templated in further requests. |
cURLSequenceUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
headers | Dict[string, string] | null | Optional headers injected during the authentication process and in authentified requests. |
username* | string | The arbitrary name that identifies the user. | |
variables | Dict[string, string] | null | A dict of variables to inject into the cURL sequences. |
cURLUserPreset¶
| Property | Type | Default | Description |
|---|---|---|---|
cookies | Dict[string, string] | null | Optional cookies injected during the authentication process and in authentified requests. |
curl* | string | The curl command that is used to fetch the tokens for this user. | |
headers | Dict[string, string] | null | Optional headers injected during the authentication process and in authentified requests. |
username* | string | The arbitrary name that identifies the user. |
Enums¶
AWSRegion¶
| Value |
|---|
us-east-2 |
us-east-1 |
us-west-1 |
us-west-2 |
af-south-1 |
ap-east-1 |
ap-south-1 |
ap-northeast-3 |
ap-northeast-2 |
ap-southeast-1 |
ap-southeast-2 |
ap-northeast-1 |
ca-central-1 |
cn-north-1 |
cn-northwest-1 |
eu-central-1 |
eu-west-1 |
eu-west-2 |
eu-south-1 |
eu-west-3 |
eu-north-1 |
me-south-1 |
sa-east-1 |
BrowserLocation¶
| Value |
|---|
page |
browser_local_storage |
browser_session_storage |
browser_cookies |
HTTPLocation¶
| Value |
|---|
header |
cookie |
body |
query |
HTTPMethod¶
| Value |
|---|
CONNECT |
DELETE |
GET |
HEAD |
OPTIONS |
PATCH |
POST |
PUT |
TRACE |