You can test authentication records for web applications you define without having to run a Discovery scan. You can quickly test authentication for a web application and test the scanner's ability to authenticate to a web application.
Test authentication feature is available only if it is enabled for your subscription. If you're interested enabling this feature, please contact Qualys Support or Technical Account Manager.
Go to Web Applications > Web Applications and select the web application and select Test Authentication from the quick actions menu.
By default, we use the following format for the name of the authentication test.
Authentication test - <name of the web application> - <date in yyyy-mm-dd format>
You can choose the authentication record to be tested in Authentication section and configure other settings similar to scan settings. As this is a quick authentication test, only few and not all scan settings need to be configured. Being a quick scan, we use system generated (non-editable) option profile named as Authentication Test.
Similarly, for search list, we use system generated (non-editable) search list named as Authentication Test.
You can use the new filter ‘Authentication Test’ in Type that we added to view only authentication test scans. You could also identify them with the icon associated with the authentication test.
Once the authentication test scan is in Finished state, select View Report from the quick actions menu and view the Authentication Test scan report.
Note - Authentication test can be only configured for a single scan. You cannot configure authentication test for a multi-scan or a scheduled scan.