Scan domain that requires login
Access Type: Compliance Report - Editor
Premium Feature: Advanced Compliance Monitoring
Utilizing the Advanced Compliance Monitoring feature, your organization can generate compliance reports for domains that require a login. In this article, we will cover how to configure a compliance report scan on a domain for the following login forms:
All credentials are collected and submitted in one interaction (i.e. the username, password, and submit button are on the same page)
User identity is established before prompting for authentication secrets (e.g. User submits user name first and inputs password in a secondary step)
Didomi currently does not support two-factor authentication (2FA) scanning.
To start, click Advanced Compliance Monitoring on the left-hand panel and either add a new domain or edit an existing domain.
Single-step (combined) login
If the login form used by the domain is a traditional login form where the credentials are collected and submitted in a single interaction then your organization can utilize the Scan logged in environment feature. This feature will log you in for all scenarios included in the scan and provide password encryption by Didomi.
Expand the Scan logged in environment accordion on the subsequent page and enable the checkbox for Scan logged environment.
Your organization will be prompted to input required credentials and/or optional CSS selectors to aid the Didomi bot in accessing the domain and performing its scan. Click the tabs below to learn more.
In order to scan an environment that requires end-user login, your organization must provide the following information when configuring the compliance report for the domain:
Login page URL
Login form where URL is present
Username
Username that will be used by the Didomi bot to log into your website
Password
Password associated with the username that will be used by the Didomi bot to log into your website Note: The password is encrypted by Didomi to avoid causing any security breaches.
The Didomi bot will automatically attempt to insert the username and password in the appropriate fields, and select the submission button when accessing your website. Your organization can directly configure the Didomi bot's actions when inserting and selecting the submission button by giving it the CSS selectors of the appropriate fields/buttons.
To collect the CSS selector values for the username, password, and submission button field:
Navigate to your login page URL
Right-click the desired element on the page where the Didomi bot should insert the required text/click the button
Select Inspect from the subsequent menu
The element should be highlighted in the Inspector. Right-click the highlighted item in the Inspector and select Copy > Copy selector (or CSS Selector depending on browser).
Navigate to your compliance report configuration and add the copied value to the appropriate field for the element.
Repeat as necessary for the remaining fields
Multi-step login
If the login form used by the domain is a multi-step form where end-users provide credentials in separate steps (such as the identifier-first login used by Google or Microsoft) then your organization will need to manually customize each scenario in the compliance report scan.
Retrieve CSS selectors
Configure Bot scenarios with multi-step login
Note: When configuring a scan for a domain that utilizes a multi-step login, do not enable the Scan logged in environment feature.
Additionally, please be aware that Didomi does not provide password encryption Didomi-side for multi-step login forms.
Retrieve CSS selectors
CSS selector values will instruct the Didomi bot where to click (or insert text) in the login form. To collect the CSS selector values:
Navigate to the login form
Right-click the desired element of where the Didomi bot should click (or insert text)
Select Inspect from the subsequent menu
The element should be highlighted in the Inspector. Right-click the highlighted item in the Inspector and select Copy > Copy selector (or CSS Selector depending on browser).
Repeat the above steps to retrieve all CSS selectors the Didomi bot will need to interact with to successfully log into the website.
Configure Bot scenarios with multi-step login
With the CSS selectors copied, expand the accordion for a scenario and utilize the Add an instruction tools to select the first step in the login flow.
Depending on the instruction selected, your organization will need to input the following:
Click
CSS selector
Fill in
Text to input into the field for your login form
CSS selector of the field where a user inputs the text
Repeat as necessary to reproduce the sequential steps needed to successfully login. When finished, use the provided arrows to ensure that the login steps precede any actions performed for the consent notice.
Click Save and Run when finished.
Last updated