If your web property requires a login to access, you’ll need to add authentication details when you set up an advanced scan or a monitoring scan. The platform supports scanning for basic authentication and secure web authentication. Secure web authentication is commonly used for web applications and portals and, unlike basic authentication, uses a login page rather than a modal.
On this page:
- Set up secure web authentication for advanced scans
- Set up secure web authentication for monitoring scans
- Fill out secure web authentication fields
Set up secure web authentication for advanced scans
The HTML username submit button selector is only required for websites with two page authentication.
To set up an scan with secure web authentication:
- Go to Websites/apps.
- Select the website you'd like to scan.
- Choose Scans.
- Select Run scan.
- Choose the Advanced tab.
- Fill out the required fields.
- Select the Add authentication details option.
- Choose Secure web authentication from the dropdown menu.
- Enter the App login page URL. Note that the URL you enter for the app login page URL can’t be included in the pages to scan. If you try to scan the app login page, your scan will fail.
- Enter the login page details. How do I find this information?
- Username (required)
- HTML field selectors (required)
- HTML username submit button selector (optional)
- Password (required)
- HTML submit button selector (required)
- HTML success element selector (required)
- Select Run scan.
Set up secure web authentication for monitoring scans
The HTML username submit button selector is only required for websites with two page authentication.
To set up a monitoring scan with secure web authentication:
- Go to Websites/apps.
- From the Portfolio, choose Set up monitoring on the website you'd like to monitor.
- Fill out the required fields.
- Select the Add authentication details option.
- Choose Secure web authentication from the dropdown menu.
- Enter the App login page URL. Note that the URL you enter for the app login page URL can’t be included in the pages to scan. If you try to scan the app login page, your scan will fail.
- Enter the login page details. How do I find this information?
- Username (required)
- HTML field selectors (required)
- HTML username submit button selector (optional)
- Password (required)
- HTML submit button selector (required)
- HTML success element selector (required)
- Select Save.
Fill out secure web authentication fields
To scan webpages with secure web authentication, you’ll need to provide some code level information from your login page so that we can access your site. You can find all the required information right in your browser console. Here’s an overview of the information you’ll need:
Field name | Description |
---|---|
App login page URL | URL of the website’s login page. |
Username | The username or email you use to log into the website. |
Password | The password you use to log into the website. |
HTML username submit button selector |
The button you select after you've entered your username that brings you to the password field. (The button is often labeled "Next" or "Continue" but may have a different label.) Note: This field is only required if you need to select a button after entering your username before entering your password. |
HTML field selector | Associated with the username and password on your login page. (The “username” field is sometimes called an “email” field.) |
HTML submit button | The button you select after you’ve entered your login credentials. (The button is often labeled “Log in” or “Sign in” but could have a different name.) |
HTML success selector | An element that’s only visible once you’ve logged in to your website. It lets Level Access know that it has successfully logged in to your website and can begin the scan. |
HTML username submit button selector
To find the HTML username submit button selector:
- Go to the login page for your website.
- Right-click on the next button and select Inspect. Your browser console will open with the code for that field highlighted.
- Right-click on the highlighted code and select:
- Copy>Copy Selector in Chrome.
- Copy>Copy CSS Selector in Firefox.
- Copy>Copy Selector in Edge.
- On the advanced scan set up or monitoring page in the platform, paste the selector in the HTML username submit button selector field.
HTML field selector
To find the HTML field selectors for your username and password:
- Go to the login page for your website.
-
Right-click on the username field and select Inspect. Your browser console will open with the code for that field highlighted.
- Right-click on the highlighted code and select:
- Copy>Copy Selector in Chrome.
- Copy>Copy CSS Selector in Firefox.
-
Copy>Copy Selector in Edge.
- On the Advanced Scan set up or Monitoring page in the platform, paste the selector in the HTML field selector field for your username.
- Repeat the above steps for your password.
HTML submit button
To find the HTML submit button for your login page:
- Go to the login page for your website.
-
Right-click on the submit button and select Inspect. Your browser console will open with the code for the submit button field highlighted.
- Right-click on the highlighted code and select:
- Copy>Copy Selector in Chrome.
- Copy>Copy CSS Selector in Firefox.
-
Copy>Copy Selector in Edge.
- On the advanced scan set up or monitoring page in the platform, paste the selector in the HTML submit button field.
HTML success selector
For the best results, choose an HTML success selector that appears on every page after login and that’s visible without user interaction. Log out buttons and header or footer links often meet this criteria.
To collect an HTML success selector:
- Log in to your website.
-
Right-click on an element that is only visible after a successful log in—we used a Request Support button in the example below—and select Inspect. Your browser console will open with the code for that element highlighted.
- Right-click on the highlighted code and select:
- Copy>Copy Selector in Chrome.
- Copy>Copy CSS Selector in Firefox.
-
Copy>Copy Selector in Edge.
- On the advanced scan set up or monitoring page in the platform, paste the selector in the HTML success selector field.
This is what the secure web authentication section could look like when you’re done:
Comments
0 comments
Article is closed for comments.