Run Authenticated Scans in UserWay's Accessibility Scanner

Rodrigo Asai
Rodrigo Asai
  • Updated

UserWay's Accessibility Scanner provides 3 different types of authentications:

Authentication Type: Applicable to: Complexity:
Basic Authentication Website that uses HTTP basic authentication  No technical skill required
Form Authentication Username plus password authentication Basic CSS knowledge
Scenario Authentication For any other type of login Basic CSS and JS knowledge

Basic Authentication:

HTTP Basic authentication simply means the application sends a username and password with every request, and those credentials are also often stored or saved on the device.

To add a site that is under HTTP basic authentication, please follow the steps below:

  1. Log in to your scanner account. 
  2. Go to + New Scan > Authenticated Scan > Website URL
  3. Change to Basic Authentication and add the username and password to log in to the page.
  4. Click on Start Scan to add the authenticated page to the scanner:

basic_authentication.gif

The basic authentication above is an example from jigsaw.w3.org

Form Authentication:

The authentication form is implemented directly on the website in forum format, where the user needs to enter the username and password to access protected content, for example our Scanner login page.

The following example shows how selectors would look using our scanner authentication form:
User Name Field Selector, Password Field Selector and the Submit button Selector

To add a site that is under Form Authentication, please follow the steps below:

  1. Inspect your website authentication form using the developer tool of your web browser:

    inspect.gif

  2. Go to + New Scan > Authenticated Scan  > Form Authentication.
  3. Add the username and password, and fill the form based on the inspect result from Step 1.
  4. Click Start Scan to add the authenticated form page to the scanner:

form_auth.gif

The selectors and ID above are just an example. They can vary according to the structure of the page. Use your browser's inspect tool to obtain the information, or consult with its developer.

Scenario Authentication

These are used when the authentication system has a specific scenario, e.g.: Authentication requires multiple steps or Authentication requires more than username/email and password.

In the following example, we will use the https://login.live.com/ website as an example, and some most-used commands, to create an authentication scenario:

Commands/code: What the command/code does:
clickOnSelector('selector: string') Performs mouse click on a given CSS selector
typeInSelector('selector: string, text: string') Performs text typing to an input (or a text area) within a given CSS selector
waitForTimeout(timeout: milliseconds) Pauses scenario execution for a given timeout. We recommend using this command whenever the page or the page's DOM changes.
  1. Go to https://login.live.com/ and inspect the username form (Find CSS field selector for email, e.g.: typeInSelector('input [type="email")','test@test.com';)
  2. Find CSS field selector for Password, e.g.: typeInSelector('input [type="password")','testing';

cenario_auth.gif

  1. Log in to your scanner account. 
  2. Go to + New Scan > Authenticated Scan > Authenticated scan > Scenario authentication
  3. Add the site or page you would like to scan & monitor and the authentication access details:

scanner.gif