Learn how to test websites that are protected by basic HTTP authentication.
To test a website which is protected by basic auth (username and password), you can authenticate yourself using one of the following techniques in the test script:
When you want to dismiss the basic auth login pop-up.
Safari on MacOS does not support basic authentication using username and password. Use the header injection feature for authentication.
Pass username and password in the URL
Passing username and password in the URL helps to avoid the login prompt. This is achieved by encoding the username and password in the URL, that is, prepending username:password@ to the hostname in the URL.
For example, if you have basic authentication enabled in the www.example.com/index.html page then by passing username and password in the URL (refer the below code), you can avoid the login prompt and get authenticated automatically.
// ... Get the URL
driver.get("https://<username>:<password>@www.example.com/index.html")
// ... Get the URL
driver.get('https://<username>:<password>@www.example.com/index.html').then(function(){});
// ... Get the URL
driver.Navigate().GoToUrl("https://<username>:<password>@www.example.com/index.html");
// ... Get the URL$web_driver->get("https://<username>:<password>@www.example.com/index.html");
# ... Get the URL
driver.get("https://<username>:<password>@www.example.com/index.html")
# ... Get the URL
driver.navigate.to "https://<username>:<password>@www.example.com/index.html"
If you have @ or : in your password or username you need to encode them using URL encoding.
However, some browsers (some versions of Chrome & IE) don’t support URL encoding anymore as per RFC 3986. Thus you can use sendBasicAuth JavascriptExecutor for basic authentication.
All browsers and device combinations except Safari browser on MacOS and Android mobile devices.
While navigating to a secured web page (using click action, Javascript navigation commands, etc.) which has basic authentication, passing username and password in the URL for autologin is not supported.
If you are using BrowserStack SDK, you can set the following capability in the browserstack.yml file:
basic_auth =["browserstack_executor",{"action":"sendBasicAuth","arguments":{"timeout":"<time in milliseconds>","username":"<username>","password":"<password>",}},]
y = json.dumps(basic_auth)
driver.execute_script(y)
require'json'
basic_auth = `"browserstack_executor":{"action":"sendBasicAuth","arguments":{"timeout":"<time in milliseconds>","username":"<username>","password":"<password>",}},`
JSON.parse(basic_auth)
driver.execute_script(basic_auth)
All browsers and device combinations except Safari browser on MacOS and Android mobile devices.
JavascriptExecutor to dismiss login pop-up
Set the following capability in the browserstack.yml file:
The dismissbasicauth JavascriptExecutor is used to dismiss login pop-up while navigating to a secured web page. This is used in cases where you want to test your website to ensure appropriate page is loaded on dismissing the login pop-up.
JavascriptExecutor jse =(JavascriptExecutor)driver;
jse.executeScript("browserstack_executor: {\"action\": \"dismissBasicAuth\",\"arguments\": {\"timeout\": \"<time in milliseconds>\"}}");
const str ={"browserstack_executor":{"action":"dismissBasicAuth","arguments":{"timeout":"<time in milliseconds>",}},};const obj =JSON.parse(JSON.stringify(str));await driver.executeScript(obj);
((IJavaScriptExecutor)driver).ExecuteScript("browserstack_executor: {\"action\": \"dismissBasicAuth\",\"arguments\": {\"timeout\": \"<time in milliseconds>\"}}");
$driver->executeScript('browserstack_executor: {"action": "dismissBasicAuth", "arguments": {"timeout":"<time in milliseconds>"}}');
basic_auth =["browserstack_executor",{"action":"sendBasicAuth","arguments":{"timeout":"<time in milliseconds>",}},]
y = json.dumps(basic_auth)
driver.execute_script(y)
require'json'
basic_auth = `"browserstack_executor":{"action":"dismissBasicAuth","arguments":{"timeout":"<time in milliseconds>",},`
JSON.parse(basic_auth)
driver.execute_script(basic_auth)
BrowserStack SDK is a plug-n-play solution that takes care of all the integration steps for you. Using the BrowserStack SDK is the recommended integration method for your project. To know more, visit the SDK core concepts page.
While navigating to a secured web page (using click action, Javascript navigation commands, etc.) which has basic authentication, passing username and password in the URL for autologin is not supported. Hence sendBasicAuth` JavascriptExecutor is used (refer the below code), which performs autologin to a webpage with a predefined username and password.
Use only double quotes for JavascriptExecutor as JSON Standards accepts double quotes only.
var capabilities ={'bstack:options':{"unhandledPromptBehavior":"ignore",},}const str ={"browserstack_executor":{"action":"sendBasicAuth","arguments":{"timeout":"<time in milliseconds>","username":"<username>","password":"<password>",}},};const obj =JSON.parse(JSON.stringify(str));await driver.executeScript(obj);
desired_cap ={'bstack:options':{"unhandledPromptBehavior":"ignore",},}
basic_auth =["browserstack_executor",{"action":"sendBasicAuth","arguments":{"timeout":"<time in milliseconds>","username":"<username>","password":"<password>",}},]
y = json.dumps(basic_auth)
driver.execute_script(y)
require'json'
capabilities ={'bstack:options'=>{"javascriptEnabled"=>"true",#Additionally, include this capability for JavaScript Executors to work"unhandledPromptBehavior"=>"ignore",},}
basic_auth = `"browserstack_executor":{"action":"sendBasicAuth","arguments":{"timeout":"<time in milliseconds>","username":"<username>","password":"<password>",}},`
JSON.parse(basic_auth)
driver.execute_script(basic_auth)
caps['javascriptEnabled']='true'#Additionally, include this capability for JavaScript Executors to work
caps['unhandledPromptBehavior']='ignore'
driver.execute_script('browserstack_executor: {"action": "sendBasicAuth", "arguments": {"username":"<username>", "password": "<password>", "timeout": "<time in milliseconds>"}}')
All browsers and device combinations except Safari browser on MacOS and Android mobile devices.
JavascriptExecutor to dismiss login pop-up
The dismissbasicauth JavascriptExecutor is used to dismiss login pop-up while navigating to a secured web page. This is used in cases where you want to test your website to ensure appropriate page is loaded on dismissing the login pop-up.
JavascriptExecutor jse =(JavascriptExecutor)driver;
jse.executeScript("browserstack_executor: {\"action\": \"dismissBasicAuth\",\"arguments\": {\"timeout\": \"<time in milliseconds>\"}}");
var capabilities ={'bstack:options':{"unhandledPromptBehavior":"ignore",},}const str ={"browserstack_executor":{"action":"dismissBasicAuth","arguments":{"timeout":"<time in milliseconds>",}},};const obj =JSON.parse(JSON.stringify(str));await driver.executeScript(obj);
((IJavaScriptExecutor)driver).ExecuteScript("browserstack_executor: {\"action\": \"dismissBasicAuth\",\"arguments\": {\"timeout\": \"<time in milliseconds>\"}}");
$driver->executeScript('browserstack_executor: {"action": "dismissBasicAuth", "arguments": {"timeout":"<time in milliseconds>"}}');
desired_cap ={'bstack:options':{"unhandledPromptBehavior":"ignore",},}
basic_auth =["browserstack_executor",{"action":"sendBasicAuth","arguments":{"timeout":"<time in milliseconds>",}},]
y = json.dumps(basic_auth)
driver.execute_script(y)
require'json'
capabilities ={'bstack:options'=>{"javascriptEnabled"=>"true",#Additionally, include this capability for JavaScript Executors to work"unhandledPromptBehavior"=>"ignore",},}
basic_auth = `"browserstack_executor":{"action":"dismissBasicAuth","arguments":{"timeout":"<time in milliseconds>",},`
JSON.parse(basic_auth)
driver.execute_script(basic_auth)
All browsers and device combinations except Safari browser on MacOS and Android mobile devices.
Basic authentication using URL encoding will not work if there is any URL redirection and authentication is required on the redirected website. You need to use our JavascriptExecutor in those cases.
Related topics
Check this page for a list of various JavaScript Executors that BrowserStack offers.
Did this page help you?
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
