Calibre can log in to protected websites and applications to monitor performance. When you set up authentication for a Site, it will run on all Pages within that Site. This artcle covers several ways of authentication that might suit your needs.
Calibre runs its authentication in a desktop browser, no matter your Test Profile settings. After the Test Agent completes the authentication process, the browser cache and Service workers are unregistered, so the following test has no trace of previously loading any resources.
Credentials will be stored in clear text. We recommend that you create a special test account for Calibre.
Calibre can log into your sites and applications as if it was one of your users. Form authentication supports the most common types of single and multi-step log in forms. Two-factor authentication (2FA) is not supported.
In some cases, authentication might fail even when form-based authentication has been set up correctly. We recommend allowing Calibre Agent IP addresses to ensure Calibre can successfully view your sites and applications.
Because Base64-encoding can be easily reversed, basic authentication is insecure unless used with other security precautions, such as HTTPS and SSL.
Basic authentication is a simple way to authenticate built into the HTTP protocol. When Calibre Test Agent requests your Site, you can pass credentials in Authorization: Basic <credentials> header. The credentials have to be Base64-encoded.
1echo -n 'username:password' | base64
For more information about Authorization headers, see MDN Authorization documentation.
When Form Authentication is not sufficient (for example, in the case of more complex authentication flows, which have confirmation steps), we recommend using Cookies or Headers to authenticate your sites and applications.
You can add authentication to specific Test Profiles, or globally at Test Agent level.
Cookies and Headers set in Test Profiles override Test Agent Cookies and Headers. Use Test Agent settings for global authentication and Test Profiles for more granular settings.
Test Profiles allow changing the conditions that your Sites are tested under, including authentication.
You can use the Calibre API to dynamically update Site or Test Profile headers and cookies. If you have a custom authentication method, you can perform authentication steps and then use the API to update Calibre with current credentials.
On this page