Calibre

Product

Use Cases

Company & Resources

  • Get Started

  • Features

  • Metrics

  • Automation

  • Integrations

  • Account and Billing

  • Guides

    • Authenticating Calibre

    Calibre can authenticate to your protected websites and applications to monitor performance. Below, you can find several ways of recognising The Calibre Agent that might suit your needs.

    Tip
    Calibre runs its authentication in a desktop browser, no matter your Test Profile settings. After the Test Agent completes the authentication process, the browser cache and Service workers are unregistered, so the following test has no trace of previously loading any resources.

    Form Authentication

    Calibre can log into your sites and applications as if it was one of your users. Form authentication supports the most common types of single and multi-step log in forms. Two-factor authentication (2FA) is not supported.

    Adding form authentication to your Site

    To enable form-based authentication, navigate to Site → Settings → Authentication. In the Form Authentication section, provide a URL to your login form, username, password and CSS selectors for the form and relevant inputs.

    Caution
    Credentials will be stored in clear text. We recommend that you create a special test account for Calibre.

    Troubleshooting Form Authentication

    Choose correct selectors

    If Calibre cannot find the form on the page, the test will either fail or result in the form URL being monitored instead of the logged in page. To ensure authentication succeeds, use form and input selectors with high specificity, such as id or name.

    Recommended: #sign-in-form, #login, #username, input[name="username"] or input[type="password"].

    Not recommended: form, input, body, html, div, section.

    Elements must be visible and within the main document

    For Calibre to successfully navigate HTML forms, form elements must meet the following prerequisites:

    • Elements should not be visually obstructed (hidden off-screen or using CSS opacity with value less than 1)
    • Elements must appear within the main document (e.g., not nested within an <iframe>)
    • Elements must respond to event handlers (e.g., click or submit)

    Use semantic HTML markup

    Calibre searches for a specified Submit selector first. If the selector is not found or not provided, the Test Agents will fall back to looking for valid HTML markup to submit the form and begin monitoring. A valid submission button should have one of the following characteristics:

    • be a button element.
    • have ARIA button role (role="button).
    • have the type of submit.

    Non-semantic markup and multiple elements fulfilling the above requirements might cause failed tests. Calibre scans your Sites for submission buttons in the following order:

    1. Selector provided in Submit selector field
    2. [type="submit"]
    3. [type='submit'][value='Sign in']
    4. [type='submit'][value='Next']
    5. [type='button']
    6. button
    7. [role='button']

    Allow Calibre Agent IPs

    In some cases, authentication might fail even when form-based authentication has been set up correctly. We recommend allowing Calibre Agent IP addresses to ensure Calibre can successfully view your sites and applications.

    Multi-step forms

    Calibre can walk through multi-step forms. Set the Submit selector to target the submit button used in each step of your form, e.g.: #continue[type=submit], #signInSubmit[type=submit].

    Using the example selectors above, Calibre will search for elements matching #continue and #signInSubmit and click the first matching element it finds.

    Basic Authentication

    Basic authentication is a simple way to authenticate built into the HTTP protocol. When Calibre Test Agent requests your Site, you can pass credentials in Authorization: Basic <credentials> header. The credentials have to be Base64-encoded.

    Caution
    Because Base64-encoding can be easily reversed, basic authentication is insecure unless used with other security precautions, such as HTTPS and SSL.

    To enable basic authentication, add a header to Agent Settings or a Test Profile with the following format:

    • Name: Authorization
    • Value: Basic Base64-encoded username:password
    Example of basic authentication for credentials username:password
    Example of basic authentication for credentials username:password.

    You can generate the Base64-encoded string using the base64 command in a terminal:

    1echo -n 'username:password' | base64

    For more information about Authorization headers, see MDN Authorization documentation.

    Cookies and Headers

    When Form Authentication is not sufficient (for example, in the case of more complex authentication flows, which have confirmation steps), we recommend using Cookies or Headers to authenticate your sites and applications.

    You can add authentication to specific Test Profiles, or globally at Test Agent level.

    Test Profile Cookies and Headers

    Test Profiles allow changing the conditions that your Sites are tested under, including authentication. To add Cookies or Headers to Test Profiles, navigate to Site → Settings → Test Profiles and choose a relevant Test Profile. Click Add a header or Add a cookie button to create a new one, then save the profile information:

    Adding Headers and Cookies in Test Profiles
    Caution
    Cookies and Headers set in Test Profiles override Test Agent Cookies and Headers. Use Test Agent settings for global authentication and Test Profiles for more granular settings.

    The Calibre Agent will use the set Cookie or Header when making requests to your Site.

    Test Agent Cookies and Headers

    To add Cookies or Headers to the Test Agent, navigate to Site → Settings → Test Agent. Click Add a header or Add a cookie button to create a new one, then save it.

    Adding a Header at Test Agent level

    The Calibre Agent will use the set Cookie or Header when making requests to your Site.

    Dynamically updating Cookies and Headers

    You can use the Calibre API to dynamically update Site or Test Profile headers and cookies. If you have a custom authentication method, you can perform authentication steps and then use the API to update Calibre with current credentials.

    Getting help

    If none of the above options quite work with your environment, reach out to our technical support team for further assistance.