Skip to main content
Transform your testing process with: Real Device Features, Company-wide Licences, & Test Observability
No Result Found

Basic HTTP authentication

Learn how to test websites that are protected by basic HTTP authentication.

To test a website which is protected by basic auth (username and password), you can authenticate yourself using one of the following techniques in the test script:

Basic authentication technique Use case
Pass username and password in the URL When you open the first URL which has basic authentication (using driver.get, etc.) in the testscript.
Basic authentication - JSExecutor When you navigate to a URL which has basic authentication (using click action, Javascript navigation commands, etc.).
Dismiss login pop-up - JSExecutor When you want to dismiss the basic auth login pop-up.

Safari on MacOS does not support basic authentication using username and password. Use the header injection feature for authentication.

Pass username and password in the URL

Passing username and password in the URL helps to avoid the login prompt. This is achieved by encoding the username and password in the URL, that is, prepending username:password@ to the hostname in the URL.

For example, if you have basic authentication enabled in the www.example.com/index.html page then by passing username and password in the URL (refer the below code), you can avoid the login prompt and get authenticated automatically.

// ... Get the URL
driver.get("https://<username>:<password>@www.example.com/index.html")
// ... Get the URL
driver.get('https://<username>:<password>@www.example.com/index.html').then(function(){

});
// ... Get the URL
driver.Navigate().GoToUrl("https://<username>:<password>@www.example.com/index.html");
// ... Get the URL
$web_driver->get("https://<username>:<password>@www.example.com/index.html");
# ... Get the URL
driver.get("https://<username>:<password>@www.example.com/index.html")
# ... Get the URL
driver.navigate.to "https://<username>:<password>@www.example.com/index.html"

If you have @ or : in your password or username you need to encode them using URL encoding. However, some browsers (some versions of Chrome & IE) don’t support URL encoding anymore as per RFC 3986. Thus you can use sendBasicAuth JavascriptExecutor for basic authentication.

All browsers and device combinations except Safari browser on MacOS and Android mobile devices.

JavascriptExecutor for basic HTTP Authentication

While navigating to a secured web page (using click action, Javascript navigation commands, etc.) which has basic authentication, passing username and password in the URL for autologin is not supported.

If you are using BrowserStack SDK, you can set the following capability in the browserstack.yml file:

Copy icon Copy

The sendBasicAuth JavascriptExecutor is used to performs autologin to a webpage with a predefined username and password.

DesiredCapabilities capabilities = new DesiredCapabilities();
JavascriptExecutor jse = (JavascriptExecutor)driver;
jse.executeScript("browserstack_executor: {\"action\": \"sendBasicAuth\", \"arguments\": {\"username\":\"<username>\", \"password\": \"<password>\", \"timeout\": \"<time in milliseconds>\"}}");
const str =  {
    "browserstack_executor" : {
        "action" : "sendBasicAuth",
        "arguments": {
            "timeout": "<time in milliseconds>",
            "username": "<username>", 
            "password": "<password>",
        }
    },
};

const obj = JSON.parse(JSON.stringify(str));

await driver.executeScript(obj);
((IJavaScriptExecutor)driver).ExecuteScript("browserstack_executor: {\"action\": \"sendBasicAuth\",\"arguments\": {\"username\": \"<username>\", \"password\": \"<password>\", \"timeout\": \"<time in milliseconds>\"}}");
$driver->executeScript('browserstack_executor: {"action": "sendBasicAuth", "arguments": {"username":"<username>", "password": "<password>", "timeout": "<time in milliseconds>"}}');
basic_auth = [
    "browserstack_executor", {
        "action" : "sendBasicAuth",
        "arguments": {
            "timeout": "<time in milliseconds>",
            "username": "<username>", 
            "password": "<password>",
        }
    },
]

y = json.dumps(basic_auth)

driver.execute_script(y)
require 'json'

basic_auth = `"browserstack_executor" : {
    "action" : "sendBasicAuth",
    "arguments": {
        "timeout": "<time in milliseconds>",
        "username": "<username>", 
        "password": "<password>",
    }
},`

JSON.parse(basic_auth)
driver.execute_script(basic_auth)

All browsers and device combinations except Safari browser on MacOS and Android mobile devices.

JavascriptExecutor to dismiss login pop-up

Set the following capability in the browserstack.yml file:

Copy icon Copy

The dismissbasicauth JavascriptExecutor is used to dismiss login pop-up while navigating to a secured web page. This is used in cases where you want to test your website to ensure appropriate page is loaded on dismissing the login pop-up.

JavascriptExecutor jse = (JavascriptExecutor)driver;
jse.executeScript("browserstack_executor: {\"action\": \"dismissBasicAuth\",\"arguments\": {\"timeout\": \"<time in milliseconds>\"}}");
const str =  {
    "browserstack_executor" : {
        "action" : "dismissBasicAuth",
        "arguments": {
            "timeout": "<time in milliseconds>",
        }
    },
};

const obj = JSON.parse(JSON.stringify(str));

await driver.executeScript(obj);
((IJavaScriptExecutor)driver).ExecuteScript("browserstack_executor: {\"action\": \"dismissBasicAuth\",\"arguments\": {\"timeout\": \"<time in milliseconds>\"}}");
$driver->executeScript('browserstack_executor: {"action": "dismissBasicAuth", "arguments": {"timeout":"<time in milliseconds>"}}');
basic_auth = [
    "browserstack_executor", {
        "action" : "sendBasicAuth",
        "arguments": {
            "timeout": "<time in milliseconds>",
        }
    },
]

y = json.dumps(basic_auth)

driver.execute_script(y)
require 'json'

basic_auth = `"browserstack_executor" : {
    "action" : "dismissBasicAuth",
    	"arguments": {
        	"timeout": "<time in milliseconds>",
},`

JSON.parse(basic_auth)
driver.execute_script(basic_auth)

BrowserStack SDK is a plug-n-play solution that takes care of all the integration steps for you. Using the BrowserStack SDK is the recommended integration method for your project. To know more, visit the SDK core concepts page.

While navigating to a secured web page (using click action, Javascript navigation commands, etc.) which has basic authentication, passing username and password in the URL for autologin is not supported. Hence sendBasicAuth` JavascriptExecutor is used (refer the below code), which performs autologin to a webpage with a predefined username and password.

Use only double quotes for JavascriptExecutor as JSON Standards accepts double quotes only.

DesiredCapabilities capabilities = new DesiredCapabilities();
HashMap<String, Object> browserstackOptions = new HashMap<String, Object>();
browserstackOptions.put("unhandledPromptBehavior", "ignore");
capabilities.setCapability("bstack:options", browserstackOptions);
JavascriptExecutor jse = (JavascriptExecutor)driver;
jse.executeScript("browserstack_executor: {\"action\": \"sendBasicAuth\", \"arguments\": {\"username\":\"<username>\", \"password\": \"<password>\", \"timeout\": \"<time in milliseconds>\"}}");
var capabilities = {
	'bstack:options' : {
		"unhandledPromptBehavior" : "ignore",
	},
}

const str =  {
    "browserstack_executor" : {
        "action" : "sendBasicAuth",
        "arguments": {
            "timeout": "<time in milliseconds>",
            "username": "<username>", 
            "password": "<password>",
        }
    },
};

const obj = JSON.parse(JSON.stringify(str));

await driver.executeScript(obj);
Dictionary<string, object> browserstackOptions = new Dictionary<string, object>();
browserstackOptions.Add("unhandledPromptBehavior", "ignore");
capabilities.AddAdditionalOption("bstack:options", browserstackOptions);
((IJavaScriptExecutor)driver).ExecuteScript("browserstack_executor: {\"action\": \"sendBasicAuth\",\"arguments\": {\"username\": \"<username>\", \"password\": \"<password>\", \"timeout\": \"<time in milliseconds>\"}}");
$caps = array(
	'bstack:options' => array(
		"unhandledPromptBehavior" => "ignore",
	),
)
$driver->executeScript('browserstack_executor: {"action": "sendBasicAuth", "arguments": {"username":"<username>", "password": "<password>", "timeout": "<time in milliseconds>"}}');
desired_cap = {
	'bstack:options' : {
		"unhandledPromptBehavior" : "ignore",
	},
}

basic_auth = [
    "browserstack_executor", {
        "action" : "sendBasicAuth",
        "arguments": {
            "timeout": "<time in milliseconds>",
            "username": "<username>", 
            "password": "<password>",
        }
    },
]

y = json.dumps(basic_auth)

driver.execute_script(y)
require 'json'

capabilities = {
	'bstack:options' => {
        "javascriptEnabled" => "true", #Additionally, include this capability for JavaScript Executors to work
		"unhandledPromptBehavior" => "ignore",
	},
}

basic_auth = `"browserstack_executor" : {
    "action" : "sendBasicAuth",
    "arguments": {
        "timeout": "<time in milliseconds>",
        "username": "<username>", 
        "password": "<password>",
    }
},`

JSON.parse(basic_auth)
driver.execute_script(basic_auth)
caps.setCapability("unhandledPromptBehavior", "ignore"); 
JavascriptExecutor jse = (JavascriptExecutor)driver;
jse.executeScript("browserstack_executor: {\"action\": \"sendBasicAuth\", \"arguments\": {\"username\":\"<username>\", \"password\": \"<password>\", \"timeout\": \"<time in milliseconds>\"}}");
var capabilities = {
  'unhandledPromptBehavior' : 'ignore'
};
driver.executeScript('browserstack_executor: {\"action\": \"sendBasicAuth\", \"arguments\": {\"username\":\"<username>\", \"password\": \"<password>\", \"timeout\": \"<time in milliseconds>\"}}');
capability.AddAdditionalCapability("unhandledPromptBehavior", "ignore", true);  
((IJavaScriptExecutor)driver).ExecuteScript("browserstack_executor: {\"action\": \"sendBasicAuth\",\"arguments\": {\"username\": \"<username>\", \"password\": \"<password>\", \"timeout\": \"<time in milliseconds>\"}}");
$caps = array(
  "unhandledPromptBehavior" => "ignore"
);
$driver->executeScript('browserstack_executor: {"action": "sendBasicAuth", "arguments": {"username":"<username>", "password": "<password>", "timeout": "<time in milliseconds>"}}');
desired_cap = {
  'unhandledPromptBehavior': 'ignore'
}  
driver.execute_script('browserstack_executor: {\"action\": \"sendBasicAuth\", \"arguments\": {\"username\":\"<username>\", \"password\": \"<password>\", \"timeout\": \"<time in milliseconds>\"}}')
caps['javascriptEnabled'] = 'true' #Additionally, include this capability for JavaScript Executors to work
caps['unhandledPromptBehavior'] = 'ignore'

driver.execute_script('browserstack_executor: {"action": "sendBasicAuth", "arguments": {"username":"<username>", "password": "<password>", "timeout": "<time in milliseconds>"}}')

All browsers and device combinations except Safari browser on MacOS and Android mobile devices.

JavascriptExecutor to dismiss login pop-up

The dismissbasicauth JavascriptExecutor is used to dismiss login pop-up while navigating to a secured web page. This is used in cases where you want to test your website to ensure appropriate page is loaded on dismissing the login pop-up.

JavascriptExecutor jse = (JavascriptExecutor)driver;
jse.executeScript("browserstack_executor: {\"action\": \"dismissBasicAuth\",\"arguments\": {\"timeout\": \"<time in milliseconds>\"}}");
var capabilities = {
	'bstack:options' : {
		"unhandledPromptBehavior" : "ignore",
	},
}

const str =  {
    "browserstack_executor" : {
        "action" : "dismissBasicAuth",
        "arguments": {
            "timeout": "<time in milliseconds>",
        }
    },
};

const obj = JSON.parse(JSON.stringify(str));

await driver.executeScript(obj);
((IJavaScriptExecutor)driver).ExecuteScript("browserstack_executor: {\"action\": \"dismissBasicAuth\",\"arguments\": {\"timeout\": \"<time in milliseconds>\"}}");
$driver->executeScript('browserstack_executor: {"action": "dismissBasicAuth", "arguments": {"timeout":"<time in milliseconds>"}}');
desired_cap = {
	'bstack:options' : {
		"unhandledPromptBehavior" : "ignore",
	},
}

basic_auth = [
    "browserstack_executor", {
        "action" : "sendBasicAuth",
        "arguments": {
            "timeout": "<time in milliseconds>",
        }
    },
]

y = json.dumps(basic_auth)

driver.execute_script(y)
require 'json'

capabilities = {
	'bstack:options' => {
        "javascriptEnabled" => "true", #Additionally, include this capability for JavaScript Executors to work
		"unhandledPromptBehavior" => "ignore",
	},
}

basic_auth = `"browserstack_executor" : {
    "action" : "dismissBasicAuth",
    	"arguments": {
        	"timeout": "<time in milliseconds>",
},`

JSON.parse(basic_auth)
driver.execute_script(basic_auth)

All browsers and device combinations except Safari browser on MacOS and Android mobile devices.

Basic authentication using URL encoding will not work if there is any URL redirection and authentication is required on the redirected website. You need to use our JavascriptExecutor in those cases.

Check this page for a list of various JavaScript Executors that BrowserStack offers.

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked





Thank you for your valuable feedback

Is this page helping you?

Yes
No

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked





Thank you for your valuable feedback!

Talk to an Expert
Download Copy Check Circle