Burp community forum

include JWT Token

Allen | Last updated: Jul 11, 2019 09:06PM UTC

How can I include custom headers in burp enterprise. I have several applications that are rest APIs and without JWT in an authorization header you just get 403. So no meaningful scan can be conducted.

Rose, PortSwigger Agent | Last updated: Jul 15, 2019 08:20AM UTC

Allen, have you tried using the Add Custom Header extension? - https://portswigger.net/bappstore/807907f5380c4cb38748ef4fc1d8cdbc

Burp User | Last updated: Jul 15, 2019 03:17PM UTC

Will the add custom header extension work in Burp Enterprise?

Rose, PortSwigger Agent | Last updated: Jul 16, 2019 06:29AM UTC

Allen, I do apologise, I missed that you were talking about the Enterprise Edition. At the moment this won't work, but we do have a story in our development backlog to support this. I'm registering your interest, which should help to get the story prioritised. Unfortunately, we can't tell you when this will be implemented, but we will be sure to let you know when it is.

Burp User | Last updated: Jan 25, 2020 10:37PM UTC

Hi, any progress on this request?

Ben, PortSwigger Agent | Last updated: Jan 27, 2020 08:26AM UTC

Hi, This functionality is still in our development backlog. We will update this thread once we have some more news.

You need to Log in to post a reply. Or register here, for free.