Vulnerability scanners – what's the best way for OWASP Zap to handle unique fields and API sequences?

First situation: Proxy through some zap requests and I want to do active analysis on them. Zap Active Browsing works on one property at a time, and this particular request requires that some of the properties be unique per request.

For example, a username can only be used once in the registry, which pattern in zap would be best to tell the active scan to change this property for each scan request?

Second situation: This is similar to the first, but somewhat different. I have APIs that need to be done in a sequence of steps. For example, Step 1, Step 2, Step 3, To make the request for Step 3, Step 1 and Step 2 must be completed. To achieve an optimal active scan in Step 3, for each active scan request, the Step 1 and Step 2 would have to be done before each request. What would be the best way to accomplish this?