Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Enterprise Edition: Unrecognised field in config file section: platformAuthentication

Yuta | Last updated: Apr 30, 2024 02:49PM UTC

Hi team, Our team is using the CI-driven scan feature of the Enterprise Edition integrating Jenkins and we are currently facing "Unrecognised field in config file section: platformAuthentication" when we try to perform CI-driven scan. I used the YAML template on GitHub (https://github.com/PortSwigger/ci-cd-platform-scanning-examples/blob/main/ci-driven-scan-config-template.yml) and slightly modified the values as below: ```` platformAuthentication: # Enter a list of additional platform authentication details # - type: Choose from Basic, NTLM v1, or NTLM v2. # destinationHost: localhost # username: username # password: password # domain: domain - Only required for NTLM authentication # domainHostname: hostname - Only required for NTLM authentication - type: Basic destinationHost: foobar.internal.example.com username: exampleuser password: examplepassword domain: domainHostname: ``` With this config, I got the following error on Jenkins: ``` 23:33:24 + BURP_ENTERPRISE_SERVER_URL=https://XXXXX BURP_ENTERPRISE_API_KEY=**** BURP_CORRELATION_ID=XXXXX BURP_CONFIG_FILE_PATH=/home/jenkins/workspace/XXXXX/XXXXX/burp_config.yml /usr/local/burpsuite_enterprise/bin/initiate-scan 23:33:24 Found config at path /home/jenkins/workspace/XXXXX/XXXXX/burp_config.yml 23:33:24 You have not set a valid configuration. 23:33:24 You can configure the container either by passing in environment variables, 23:33:24 or by placing a burp_config.yml file in the container's working directory. 23:33:24 See PortSwigger's online documentation for more information. 23:33:24 23:33:24 Unrecognised field in config file section: platformAuthentication Post stage [Pipeline] junit 23:33:24 Recording test results [Pipeline] archiveArtifacts 23:33:24 Archiving artifacts [Pipeline] archiveArtifacts 23:33:24 Archiving artifacts ``` It would be great if you could help us solve this error. This is a blocker for us to perform the CI-driven scan against our application with Basic authentication - Enterprise: v2024.3.2 - Agent: public.ecr.aws/portswigger/enterprise-scan-container:2024.3.1 - Jenkins: v2.426.3 Let me know if you need further information. Thank you very much for your help.

Josh, PortSwigger Agent | Last updated: May 01, 2024 12:35PM UTC

Hi Yuta, the authentication type should be capitalised, so you should be using BASIC instead of Basic. Can you try changing it and let me know how you get on?

Yuta | Last updated: May 02, 2024 02:18AM UTC

Hi Josh, It worked after changing the value to "BASIC". Thank you so much! I think the template on GitHub should be also updated as current comment is using "Basic". ``` # - type: Choose from Basic, NTLM v1, or NTLM v2. ``` Anyway, thank you again for your support.

Josh, PortSwigger Agent | Last updated: May 02, 2024 08:10AM UTC

Glad to hear it! I'll raise a ticket to get that documentation changed. Let us know if you need any extra help in the future.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.