DATA RECON 2.0.25

Generating and Using Scan Tokens

SCAN TOKENS are easy-to-remember passphrases that can be distributed to authorized users.

They can be used in place of a Ground Labs Services Portal user name and password for authenticating a user on DATA RECON. This is useful when a user needs permission to run scans on a TARGET without having access to Ground Labs Services Portal user credentials.

You can manage and generate SCAN TOKENS at the Ground Labs Services Portal. Look for the "Scan Tokens" section on the dashboard.
Manage and generate Scan Tokens for Data Recon users without access to the Ground Labs Services Portal credentials.

SCAN TOKENS are commonly used organizations where scan permissions and privileges need to be distributed to trusted users without giving them access to the organization's Ground Labs Services Portal account.

This allows users other than the owner of the Ground Labs Services Portal account to (among other things):
  1. Assign licenses to TARGETS.
  2. Scan targets.
  3. Access DATA RECON to create, modify, and save DATA RECON configuration files for use on another host. For details, see Save and Load Options.

Generating Scan Tokens

Generate SCAN TOKENS at the Ground Labs Services Portal dashboard.

Look for the "Scan Tokens" panel, and click “add new scan token”. Add a new scan token from the Scan Tokens section in the Ground Labs Services Portal
Clicking on "add new scan token" will bring up its dialog window.

"Add new scan token" dialog box with the license source listed as "Order G28212" and the maximum uses set as "2".

You will be asked to select your "License source" and the number of uses for your token.

Select the appropriate license source for the SCAN TOKEN that you are generating, and click Create.

Identifying Scan Tokens

Comments can be added to your SCAN TOKEN to help you keep track of your TOKENS in the "Comment" input box.
Example of comments added to identify Scan Tokens in Ground Labs Services Portal.

Comments can be used to help document:

  • SCAN TOKEN allocation: If you have multiple workstation groups with different administrators, each administrator can be given a SCAN TOKEN with a license pool that they can draw from to assign to workstations in the group.
  • License allocation: When allocated, the "Scan Tokens" section on the Ground Labs Services Portal only carries the SCAN TOKEN itself, the number of activations the SCAN TOKEN carries, its creation and expiry dates. It does not carry details on the licenses it is associated with.

Using and Activating Scan Tokens

Select a license source attached to the Scan Token in the "Add new scan token" dialog box.

A SCAN TOKEN has a "license source" it is attached to.

A "license source" is the pool of licenses that the SCAN TOKEN can draw from when assigning licenses to new TARGETS.

A SCAN TOKEN can be used to log into an instance of DATA RECON without assigning a license to the host.

When attempting to scan a new TARGET while logged into DATA RECON using a SCAN TOKEN, DATA RECON will draw from the "license source" that is attached to the SCAN TOKEN it is using to assign the a license to the new TARGET.

List of available licenses or activations attached to each Scan Token in Ground Labs Services Portal.

SCAN TOKENS are not "activated" when used to log into DATA RECON.

They are "activated" when, after logging into DATA RECON, a license that is attached to the SCAN TOKEN is assigned to a new TARGET.

If no licenses attached to the SCAN TOKEN are assigned to any TARGETS, then no activations are used.

This means a SCAN TOKEN can be used to assign licenses to new TARGETS as long as there are "activations" available.

If there are no more "activations" for the SCAN TOKEN, it can still be used to log into an instance of DATA RECON, but cannot be used to assign licenses to new TARGETS, or scan TARGETS that do not come under the licenses that are attached to it.

Single or Multiple-use Scan Tokens

When generating a SCAN TOKEN, you are asked if the TOKEN should be a “Single use token” or otherwise.

  • "Single use token": A "Single use token" is a SCAN TOKEN that can be used to activate or assign one license to a TARGET.
  • Multiple-use: If you choose to generate a multiple-use SCAN TOKEN, you can select the number of activations that the SCAN TOKEN can be used for.
    That SCAN TOKEN can be used to activate or assign licenses to TARGETS as long as there are activations left on the SCAN TOKEN.

You can generate as many SCAN TOKENS as you need as long as you have licenses available for assignment in your Ground Labs Services Portal account.

If you have assigned all your licenses to TARGETS, you will not be able to generate any more SCAN TOKENS.