Create API - Additional Configuration 

On this page, configure additional options for the API scanning. 

Authentication Record

Select one or more authentication records to discover and validate vulnerabilities by performing an in-depth assessment of your applications.

Some applications require authenticated access to the majority of their functionality. Authenticated scanning can be configured for HTML forms like login pages and server-based authentication (HTTP Basic, Digest, NTLM)

Header Injection

Enter headers that need to be injected by the scanning service to scan the API in the <header>: <text> format. You can enter multiple headers, each header in a separate line.

Comments 

Enter comments to be saved with the application.

Next Step: New API - Review and Confirm