Crawling Password Protected Website Online

In this tutorial, we will learn how to crawl a password protected website online by passing the username, password in agent configuration for authentication programmatically and then crawl the behind login webpages.

To crawl a website with login, first of all we must get authenticated our scraping agent with Username and Password. And then, we can scrape the internal pages as we do with public websites. Scraping the web with Agenty, hosted app is pretty easy and quick to setup using the extension and then we can enter the credentials by editing the scraper in agent editor. This tutorial shows how to get data from a password protected website after login successfully and then schedule the scraper to scrape the website with login automatically on scheduled time.

There are 2 types of authentications:

  • Form Authentication
  • Http Authentication (also called as Basic or Network Authentication)

Form Authentication

Form-based authentication is the most widely used website protection technique, where the websites display a HTML web form to fill in the username, password and click on submit button in order to login and access the secure pages or service. A usual password protected website scraping with form-authentication workflow looks like below and we need to perform all steps one by one to get data from a website that requires a login.

  1. Navigate to the login page.
  2. Enter the Username in input field
  3. Enter the Password in input field
  4. Click on the Login button
  5. Start scraping internal pages.


The form-authentication engine in scraping agent has the following commands to interact with a login page using CSS Selectors as the target of any element, this will allow us to complete the initial 1-4 login steps prior to start scraping internal pages.


To navigate a particular webpage, for example the login page for authentication

Required Parameters:

  1. Value: A valid URL to navigate.


To type some text in a text box. For example, username or password to the text box

Required Parameters:

  1. Target: A valid CSS selector of text box.
  2. Value: Value to enter in the text box.


To click on a button or a hyper-link

Required Parameters:

  1. Target: A valid CSS selector of button/link needs to be clicked


To wait (n) seconds before firing the next event

Required Parameters:

  1. Value: Seconds(n) to wait


Select an item from dropdown list

Required Parameters:

  1. Target: A valid CSS selector of dropdown box.
  2. Value: Value needs to be selected.


To clear a text box

Required Parameters:

  1. Target: A valid CSS selector of text box, drop down to clear.


To inject a JavaScript function

Required Parameters:

  1. Value: A valid JavaScript function


To submit a form (or to press the Enter key)

How to crawl a website with login

Follow these steps to scrape data behind a login :

  1. Choose any Sample Agent
  2. Click on the Configuration tab
  3. Go to the Login section and enable the login as in the screenshot below.

Now go to the website you want to login, and check the web page source to analyse the login form. For this tutorial, I’m going to use the demo login website to demonstrate.
So there will be the 5 steps I will add in my agent to login successfully:

  1. Navigate the login site
    Type: Navigate
    Value: Moodle 4.1 sandbox demo: Log in to the site

  2. Add username
    Type: Type
    Target: #username(CSS selector)
    Value: admin (

  3. Add password
    Type: Type
    Target: #password(CSS selector)
    Value: sandbox(add password)

  4. To click on login button
    Type: Click
    Target: #loginbtn(CSS selector)

  5. Add wait (in milisecond)
    Type: Wait
    Value: 200ms (as per requirement)

The target CSS selector can be written with name, class or id. For example, to click on the “Sign In” button all these selectors are valid.

  • #ContentPlaceHolder1_LoginPanel_Password
  • .StandardButton
  • input[type='submit']

Once the login configuration part has been completed, save the scraping agent, and scroll up to the main agent page to start and test your agent. It’s always a best practice to test with few URLs to ensure that the agent is login successfully before running a large job. For example, I entered some internal URLs in input which was accessible after login only, and then started the scraping job.

Agenty recommends to run a test job for a few URLs, when the agent configuration has been changed. As that will allow me to analyze the result to ensure everything is working as expected, instead of starting the agent for a big list of URLs.

Then click on the Run button to start the web scraping agent job.


2023-03-21T06:13:06.268Z INFO Worker id: 370
2023-03-21T06:13:06.295Z INFO Job: {"job_id":4397124,"account_id":28535,"agent_id":"4mmgee6yke","type":"scraping","status":"started","priority":1,"pages_total":0,"pages_processed":0,"pages_succeeded":0,"pages_failed":0,"pages_credit":0,"created_at":"2023-03-21T06:13:06.235255Z","is_scheduled":false,"running_process_id":7379,"running_worker_id":370}
2023-03-21T06:13:06.392Z INFO Input type: url
2023-03-21T06:13:06.410Z INFO Job id: 4397124, Type: scraping, Status: running
2023-03-21T06:13:06.410Z INFO Total inputs: 1
2023-03-21T06:13:06.470Z INFO Login: 5 actions
2023-03-21T06:13:06.470Z INFO Running action 1 of 5
2023-03-21T06:13:06.470Z INFO Navigate to
2023-03-21T06:13:10.145Z INFO Running action 2 of 5
2023-03-21T06:13:10.145Z INFO Type admin on #username
2023-03-21T06:13:10.213Z INFO Running action 3 of 5
2023-03-21T06:13:10.213Z INFO Type sandbox on #password
2023-03-21T06:13:10.298Z INFO Running action 4 of 5
2023-03-21T06:13:10.298Z INFO Click on #loginbtn
2023-03-21T06:13:13.912Z INFO Running action 5 of 5
2023-03-21T06:13:13.912Z INFO Waiting 2000 ms
2023-03-21T06:13:15.928Z INFO Running page 1 of 1
2023-03-21T06:13:15.928Z INFO
2023-03-21T06:13:16.788Z INFO Status: 200


It will take a few seconds to initialize and login, then the web scraping agent will start scraping internal pages, and we can see the progress, logs and the final result as per your fields selection in the result output table.

HTTP Authentication

HTTP or basic authentication is a simple challenge in which a web server can request authentication information (typically a UserID and Password) from a client. These websites don’t have HTML web form to type credentials or select using CSS selectors and then click on submit button. Instead the browser opens a popup dialog (as in screenshot below) asking for credentials when you visit the secured pages and then the browser uses those credentials to convert into a base64 string and send the Authorization header to the server to attempt the login.

In order to crawl the basic-authentication protected websites, we need to use the HTTP-authentication as the type of login in scraping agent and then supply the credentials with these commands:

  1. Edit the scraping agent by clicking on “Edit” tab
  2. Go to Login to website section
  3. Enable the Login to website feature and select the Authentication type as “HTTP-authentication”
  4. Add the Navigate command to go to the login page URL.
  5. Add the Type command with target as username and value as your actual username to login.
  6. Add the Type command with target as password and value as your actual password to login.
  7. Save the scraping agent and re-run.
  8. See the output or logs to ensure the agent is able to login successfully.

The scraping agent automatically logout to the domain after 20 minutes of in-activity on the same domain or if the scraping job is completed prior to that. So, if you are using a throttling feature to delay sequential requests, be sure there is no gap of more than 20 minutes.

Basic Authentication with FORM

We can also get our agent session authenticated by sending a Navigate request with username and password in the URL itself. Just make a first request using form authentication or Form submit feature with URL format below:


For example :


  • When crawling password protected websites, we recommend to spend some time in analysis first, and try to use the specific login page of the website instead of a dialog box or popup login when possible. You may find that by logging in and then logging out, most of the website auto-redirect users on specific login page when logged out.
  • Add a 5-10 seconds of wait after clicking on the “Login” button to give enough time to the website for auto redirection to the main or home page.
  • If the website requires AJAX, JavaScript? Go to the Engine section and then enable JavaScript with the Default engine selected.
    Recommendation: Use the FastBrowser engine, if the target website doesn’t require JavaScript or images to be loaded for login and also to render internal pages you are crawling.

Want to extract data behind login? Let the Agenty team setup, execute and maintain your data scraping project - Request a quote

Signup now to get 100 pages credit free

14 days free trial, no credit card required!