ObservePoint

An Authenticated Audit is a specialized scanning process that allows ObservePoint’s web crawler to bypass login screens to inspect "authenticated" areas of your website. While a standard audit only reaches public-facing pages, an authenticated audit uses stored credentials to access member dashboards, checkout sequences, and account settings.

It ensures that your data layer, analytics tags, and privacy compliance measures are functioning correctly in the most sensitive areas of your site—where high-value conversions and the handling of Personally Identifiable Information (PII) typically occur.

Setting up an authenticated audit requires configuring Pre-Audit Actions. These is a sequence of commands that tell the crawler exactly how to interact with your login form before it begins its scan.

Before configuring the audit, ensure your environment is ready:

Test Credentials: Use a dedicated "staging" or "test" account rather than a personal one.

IP Allowlisting: Ensure your IT or Security team has allowlisted <a href="https://help.observepoint.com/en/articles/9101465-allow-exclude-observepoint-traffic">ObservePoint’s static IP addresses</a> so the crawler isn't flagged as a bot or a brute-force attack.

- Test Credentials: Use a dedicated "staging" or "test" account rather than a personal one.
- IP Allowlisting: Ensure your IT or Security team has allowlisted <a href="https://help.observepoint.com/en/articles/9101465-allow-exclude-observepoint-traffic">ObservePoint’s static IP addresses</a> so the crawler isn't flagged as a bot or a brute-force attack.

Create New Audit: Within the ObservePoint platform, create a new Audit.

1. Create New Audit: Within the ObservePoint platform, create a new Audit.

Access Pre-Audit Actions: In the setup sidebar, select the Pre-Audit Actions tab.

Build the Login Sequence: Use the "Add An Action" button to build the following steps:

- Navigate: Direct the crawler to your login URL.

- Set Text/Input: Identify the username field (using a CSS selector or XPath) and enter the test username.

- Set Masked Value: Identify the password field and enter the password. This value is encrypted for security, so no other ObservePoint users or even engineers could access it.

- Click: Target the "Submit" or "Sign In" button.

Add a Verification Step: After the Click action, add a Wait time after the action (e.g., 2–3 seconds) or a Check action to confirm that a "Logout" button or "Welcome" message appears. This ensures the session is active before the crawl begins.

1. Access Pre-Audit Actions: In the setup sidebar, select the Pre-Audit Actions tab.
2. Build the Login Sequence: Use the "Add An Action" button to build the following steps:
 - Navigate: Direct the crawler to your login URL.
 
 
 
 - Set Text/Input: Identify the username field (using a CSS selector or XPath) and enter the test username.
 
 
 
 - Set Masked Value: Identify the password field and enter the password. This value is encrypted for security, so no other ObservePoint users or even engineers could access it.
 
 
 
 - Click: Target the "Submit" or "Sign In" button.
3. Add a Verification Step: After the Click action, add a Wait time after the action (e.g., 2–3 seconds) or a Check action to confirm that a "Logout" button or "Welcome" message appears. This ensures the session is active before the crawl begins.

Implementing Authenticated Audits ensures your privacy compliance measures extend beyond the public eye and into the secure environments where sensitive user data is most vulnerable. By proactively scanning login-protected areas, you can detect data leaks or non-compliant tracking in real-time, safeguarding both your regulatory standing and your users' trust.

This guide covers Authenticated Audits, a process that uses stored credentials to validate analytics, data layers, and privacy compliance within login-protected areas of your website.

How to Create An Authenticated Audit

Web Privacy

Resource Library

Customers

1.801.717.9361

Analytics Validation

Blog

News & Media

2100 W Pleasant Grove Blvd, Suite 300 Pleasant Grove, UT 84062

Accessibility

API Docs

Careers

Email

Consent Management

About Us

Email Link Validation

Privacy Policy

Landing Page Validation

Debugger

Solutions

Resources

Company

Contact

Academy

Events

Join Slack Community

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Empty Help Center

Uh oh. That page doesn’t exist.

Home

Search

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

No tickets created by you

Try using different keywords or checking for typos.

No tickets found

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Tickets

No access to tickets portal

English

Français

Deutsch

日本語

Español

url(https://downloads.intercomcdn.com/i/o/518132/8a3146c28bba05b9b1a20742/28ad8ceda0c1458758a469393e11a183.png)

How to Create An Authenticated Audit

Overview

How to Set Up an Authenticated Audit

1. Preparation & Permissions

2. Configure Pre-Audit Actions

Conclusion