Adding and replacing credentials for non-public sites

Siteimprove can crawl intranets and other non-public sites. Read about requirements and considerations in this help center article.

In September 2023, Siteimprove enabled the ability for account owners and administrators to add and replace credentials via the Siteimprove platform to further increase security for our customers’ credentials on those internal sites.

As account owner, or administrator, or if given the permission within a custom role, you will find the site crawl authentication feature in Settings -> Sites, in the site summary.

To add or replace credentials for a site you select, go to the site crawl credential settings in your site summary card. If you do not have credentials yet, you will be prompted to add them. If you previously added credentials, you will be given the option to replace your existing ones.

You can also remove credentials, but we do not recommend deleting the credentials unless your site no longer needs them for any purpose. If the login credentials for your non-public site have changed, please use the “replace” functionality.

The pop-up will ask you for your credentials. Credentials typically consist of one username and one password, but you can add a second password upon adding credentials if necessary. If two credentials are not required for your login, you can put NA into one field. 

Please be aware of the requirements for login credentials for password-protected websites.

Adding and replacing credentials will securely store the credentials in your AWS secrets manager. Our crawler uses these credentials as it crawls your site.

Adding credentials

When you add credentials to a site for the first time, this will:

• Send your credentials to AWS secrets storage for increased security.
• Send a support ticket to our customer support team. They will then be prompted to set up a login script to use your credentials to log in to the site.

Replacing credentials

If you can replace credentials, then you already had credentials on your site. This means that a login script has already been created by your designated customer support team. The scripts they created contain references to AWS secret storage for usage on a site. 

Note that the “replace” action will only:

• Replace your existing credentials in AWS secrets storage with the new credentials.

The logon script that the customer support team created for the site will remain as it was, only using the newly replaced credentials with the existing reference. This action will not trigger a customer support team ticket.

Deleting credentials

We do not recommend deleting credentials unless your site does not need them anymore. If the login credentials to a non-public site must be changed, please use the “replace” functionality.

If you do delete credentials, the references to those credentials in our crawler are also deleted. If you then add new credentials later instead of replacing them, it will take longer for the crawler to pick up the new credentials. This will trigger a ticket to our customer support team. They will need to change the references in the logon script. Once changed, the crawler will have access to the new credentials and crawling can continue.

Non-public website statement

Please note that any use of Siteimprove’s services on a non-public website or a website that contains non-public or personal information shall be subject to Siteimprove’s non-public website statement.

This statement may have been signed as part of your subscription or could have been signed as an amendment to your subscription. Please reach out to your customer success manager if you are unsure if your statement has been signed.