Is there anything that can be done when a VPN token is required for WAS authentication?
Short of quickly running the browser recorder and logging in to the app, saving that script, and launching the scan all before the token changes, I can't think of any other way to do this. I would hope the app doesn't have a back-door to bypass 2FA. Even if the above scenario worked, I would have to get the app team to add me as a user to the app so that my token would work.
Any advise would be appreciated!