Test every page, even the ones behind a login
Write short scripts that log in before each scan. Test dashboards, checkouts, and any page that requires authentication, with credentials stored securely as encrypted secrets.
Scan pages that require authentication
Many accessibility issues live behind a login. A11y Pulse Scripts let you write a short automation script that runs before each scan, logging in, navigating, and setting up any state your pages need.
- Supports click, fill, navigate, wait, and select actions
- Script runs before every daily scan automatically
- Test the same pages your real users actually use
Credentials stored as encrypted secrets
Never hardcode passwords in your scripts. Store credentials as Script Secrets: encrypted at rest, never logged, and referenced in scripts by name. Rotate credentials without touching your script.
Staging and preview environments
Scripts work on any URL, not just production. Add your staging environment as a separate site and A11y Pulse will scan it with the same login script, giving you accessibility coverage before changes go live.
- Separate sites for staging and production
- Same script can be shared or forked per environment
- Catch regressions before they reach users
The process
How it works
Write your login script
Define a sequence of actions: navigate, fill, click, wait. Use {{SECRET:NAME}} placeholders for any credentials. Takes about 5 minutes for a typical login flow.
Store your secrets
Add your credentials as Script Secrets in your site settings. They're encrypted at rest and never appear in logs or scan output.
Scan your authenticated pages
A11y Pulse runs your script before every scan. Your authenticated pages are crawled and tested exactly like any other, daily and automatically.
Scripts support five actions: navigate (go to a URL), fill (type into an input), click (click an element), select (choose from a dropdown), and wait (wait for an element to appear). That covers the vast majority of login flows.
Credentials are stored as Script Secrets, encrypted at rest using AES-256 and never written to logs or scan output. They're referenced in scripts using {{SECRET:NAME}} placeholders and resolved at scan time.
Yes. Add your staging environment as a separate site in A11y Pulse and assign it the same script. You'll get accessibility scan results for staging independently from production.
MFA flows that require a code from an authenticator app or SMS aren't currently supported, as A11y Pulse can't intercept the second factor. We recommend using a test account with MFA disabled, or an environment where MFA is bypassed for automated testing.
Yes. Each scan includes a script execution log showing which actions ran, whether they succeeded, and any errors. If a script fails to log in, the scan will record the failure rather than returning incorrect results.
Test every page, even the ones behind a login
No credit card. No setup. Just your URL and a clear list of issues to fix.
Start testing authenticated pages