Hi, the documentation says that DAST supports SSO. I followed the steps mentioned, but I’m not sure what to put for DAST_AUTH_URL. When a user visits my website, they are redirected to a keycloak login page, which has client_id, state etc, which will change all the time eg.
https://{mywebsite.com}/auth/realms/gene/protocol/openid-connect/auth?client_id={client_id}&redirect_uri={redirectURL}&response_mode=fragment&response_type=code&scope=openid&nonce={nonce}
However, when I put the DAST_AUTH_URL and DAST_WEBSITE to be the same value (any user is redirected when they visit the url after all…), the error I get is:
TargetNotAccessibleError: Last attempted access of target caused error: 403 Client Error: Forbidden for url
What should I do? Thank you for any help!