Create API - Additional Configuration
On this page, configure additional options for the API scanning.

Authentication Record
Select one or more authentication records to discover and validate vulnerabilities by performing an in-depth assessment of your applications.
Some applications require authenticated access to the majority of their functionality. Authenticated scanning can be configured for HTML forms like login pages and server-based authentication (HTTP Basic, Digest, NTLM)
Header Injection
Enter headers that need to be injected by the scanning service to scan the API in the <header>: <text> format. You can enter multiple headers, each header in a separate line.
Default DNS Override
Use DNS override records if you want to scan an API asset with multiple instances deployed in different environments. Some other scenarios are if your API does not have a DNS entry as it is in a non-production environment.
By default, crawling and scanning use the DNS associated with the web application URL. If a DNS override record is specified, the scan uses the mappings defined in that record. You can also create a new DNs record. Learn more
Comments
Enter comments to be saved with the application.
Next Step: New API - Review and Confirm