CI environment variables
This document lists and describes the environment variables supported by the Invicti Scan command-line tool for use in CI/CD pipelines. These variables allow you to configure and customize automated scans when integrating Invicti DAST into your development workflows.
important
- All variables should be defined securely using your CI/CD system's secret management features (for example, GitHub Actions Secrets, GitLab CI/CD Variables, Jenkins Credentials).
INVICTI_API_TOKENandINVICTI_TARGET_IDare required for scans to run.INVICTI_SCAN_PROFILEmust match a configured profile in your Invicti Platform instance.
Environment variables
| Variable Name | Description | Example value | Possible values |
|---|---|---|---|
INVICTI_API_BASE_URL | Base URL for the Invicti API (string) | https://platform.invicti.com | |
INVICTI_API_TOKEN | API token for authenticating command-line tool scan requests (string) | 1234567890abcdef... | |
INVICTI_TARGET_ID | ID of the target to scan, as defined in the Invicti Platform (string) | abcd1234-5678-efgh-ijkl-9876mnopqrst | |
INVICTI_SCAN_AGENT | The scan agent to use | CloudAgent | |
INVICTI_REPORT_TEMPLATE | The report template to use | Comprehensive | |
INVICTI_LOG_LEVEL | Logging verbosity level (enum) | INFO | DEBUG, INFO, WARNING, ERROR, CRITICAL |
INVICTI_SCAN_TIMEOUT | Maximum scan duration in minutes (integer) | 20 | |
INVICTI_SCAN_PROFILE | Name of the scan profile to use (string) | Full Scan | |
INVICTI_MINIMUM_SEVERITY | Minimum severity to break the build on finding vulnerabilities. If set, the build fails if any vulnerabilities of that severity or higher are found. (enum) | High | Critical, High, Medium, Low, Info |
For complete integration guidance, refer to the Integrate CI-driven scans document.
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center
Was this page useful?