# Pynt for Cypress

### Overview

Using Cypress for end-to-end testing in combination with Pynt for automated API security testing is a powerful approach to enhance the security of your web applications.

As part of its API security testing suite, Pynt allows integration with Cypress to automate security scans within your test suites to detect and mitigate vulnerabilities effectively.

### Prerequisites

Before integrating Pynt with Cypress, make sure Pynt's [prerequisites](https://docs.pynt.io/documentation/api-security-testing/prerequisites-for-running-pynt-scans) are met and follow the instructions to [install Pynt CLI](https://docs.pynt.io/documentation/onboarding/getting-started).

### How to Run Pynt with Cypress

Pynt allows you to run API Security tests from Cypress E2E tests using `pynt command`.

#### Basic Command

To run Pynt with Cypress, use the following command:

```bash
pynt command --cmd "npx cypress run"
```

This will execute your Cypress tests while Pynt captures all API traffic and performs security analysis.

#### Running Specific Test Files

To run a specific test file with Pynt:

```bash
pynt command --cmd "npx cypress run --spec cypress.spec.cy.js"
```

Or for tests in subdirectories:

```bash
pynt command --cmd "npx cypress run --spec cypress/e2e/api-tests.cy.js"
```

#### Example with Options

Here's a complete example with common Pynt options:

```bash
pynt command --cmd "npx cypress run" \
     --test-name "Cypress E2E Security Tests" \
     --application-name "My Application"
```

### Configuration Options

#### Self-Signed Certificates

If your client is. validating SSL and can accept self-signed certificates, use the `--self-signed` flag:

```bash
pynt command --cmd "npx cypress run" --self-signed
```

#### Custom CA Certificate

If your client needs a specific certificate, provide the path to it with `--ca-path`:

```bash
pynt command --cmd "npx cypress run" --ca-path /path/to/certificate.pem
```

#### Application Configuration

Link your scan to a specific application:

```bash
pynt command --cmd "npx cypress run" --application-name "My Web App"
```

#### Test Naming

Use the `--test-name` flag to give your security scan a meaningful name:

```bash
pynt command --cmd "npx cypress run" --test-name "Production E2E Security Tests"
```

#### Allow Errors

To continue security scanning even when tests fail:

```bash
pynt command --cmd "npx cypress run" --allow-errors
```

### Goat Example:

Here's a comprehensive example demonstrating Pynt with Cypress:

Download the test files:

{% file src="<https://3462681674-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZKwBF6q0tAGXlIih38HL%2Fuploads%2FgXbgBqDdpfpztRIjySxN%2Fcypress.config.js?alt=media&token=efb5d690-3143-41a6-ac3a-f112b3db6798>" %}

{% file src="<https://3462681674-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZKwBF6q0tAGXlIih38HL%2Fuploads%2F6IY069kOgrfCkcOb1Xb3%2Fcypress.spec.cy.js?alt=media&token=1e3b7592-49ce-4079-8817-98f14a28ae07>" %}

Run Pynt

```bash
pynt command --cmd "npx cypress run --spec cypress.spec.cy.js"
```

This will start a Pynt scan on Goat APIs, result should look like:

<figure><img src="https://3462681674-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZKwBF6q0tAGXlIih38HL%2Fuploads%2FdV8xnultVYcA1qTcfQQ9%2Fimage.png?alt=media&#x26;token=cf336096-9c44-4b58-ac3a-f3bde40213d4" alt=""><figcaption></figcaption></figure>