Skip to content

Aptori Proxy Usage Guide

When configured to use an Aptori Proxy, Sift will:

  • get the proxy URL from global tool settings read from the Platform;
  • obtain a proxy access token from the Platform;
  • establish a tunnel to the target application using an authenticated HTTP CONNECT request to the proxy;
  • send all requests to the target application via the proxy tunnel.

There are two steps to configure Sift to send requests via an Aptori Proxy.

  1. Configure the proxy URL in the Aptori Platform.
  2. Configure Sift to use the Aptori Proxy.

Step 1 - Configure Proxy URL in Aptori Platform

Aptori Proxy URL is configured by administrators of an Organization in the Aptori Platform's Admin Portal. Sift obtains the proxy URL from the global tool settings in the Platform.

  • In the Admin Portal of the Aptori Platform, navigate to your Organization and select the gear icon to view the Organization's Settings.
  • Navigate to the "Tool Settings" tab and select "Sift" tool.
  • Enter the Proxy URL and save the settings.

Step 2 - Configure Sift to Use the Proxy

Sift may be instructed to send requests via an Aptori Proxy in one of two ways:

  • Pass CLI flag --use-proxy to sift run command when running a scan.
  • In the Sift configuration, set the .testProfile.useProxy property to true. Refer to Sift Configuration.