How to perform Authenticated Website Scan with JWT

You need to paste the session token in the Headers field, in the same line, after writing “Authorization: Bearer“. It may seem like a new line due to the textbox formatting but it is a single line. The input should look like this:

Authorization: Bearer [paste the session token, without brackets]

The check authentication is currently disabled on the Headers method. You should press the “Start scan” button and an authentication check will be made during the scan.