Can I scan behind authentication or login pages?

Yes. You can configure S4E to scan areas of your application that are behind authentication walls.

To do this:

  • Go to Asset Manager.
  • Click the three-dot menu next to your asset and choose Settings.
  • Navigate to the Crawler tab, then open the Header section.
  • Add authentication-related headers (e.g., Authorization, Cookie, or X-API-Key) that your application uses to validate sessions.

  • Optionally, define how long these headers remain valid using the Valid Time setting.


Once configured, S4E will use these headers during crawling and scanning, allowing it to reach and assess pages that require login access.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us