Knowledge Base

Back to Knowledge Base

Support Center

Scanning behind login with a session cookie

Last Updated: Apr 20, 2018 04:41PM CEST

You can use a session cookie to scan behind login and test parts of your website that are only available to logged in users. 

1. Log in

Go to your website and log in.

2. Extract the session cookie

Look at the cookies in your browser and extract the session cookie your system is using to keep track of your user session.

3. Add the cookie to your scan profile

Add the cookie to your scan profile under Settings - Authentication.

4. You're all set!

Please note that session cookies only last a limited amount of time- Unless you have a way to keep sessions alive for a long time, using session cookies is not ideal as a form of authentication. If you'd like to scan behind login, we recommend you use Recorded Login. Recorded login teaches the scanner how to log in and allows it to use the same login flow as your users.
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found