Skip to main content
🔐 Running Audits

Form Login Audit

Audit pages behind a login form — ConformPilot handles authentication automatically.

What is Form Login mode?

Form Login mode allows ConformPilot to log in to your application using a username and password before auditing protected pages. ConformPilot fills in the login form, submits it, and then audits the target page — all automatically.

When to use Form Login mode

Standard login forms

Pages with a username/email + password login form (most web apps).

Dashboard and admin pages

Internal tools, dashboards, and admin panels that require authentication.

SSO / OAuth / MFA

For SSO, OAuth, or multi-factor authentication, use Authenticated Page Auditing with cookie injection instead.

How to set up Form Login Audit

  1. 1

    Open the audit form

    Click New Audit from the dashboard.

  2. 2

    Enter the target URL

    Enter the URL of the protected page you want to audit (not the login page URL).

  3. 3

    Select "Form Login" mode

    Choose Form Login from the audit mode dropdown. Additional fields will appear.

  4. 4

    Enter login page URL

    Enter the URL of your login page, e.g. https://app.example.com/login

  5. 5

    Enter credentials

    Enter the username/email and password for a test account. Use a dedicated test account — never use production admin credentials.

  6. 6

    Enter CSS selectors (optional)

    If ConformPilot cannot auto-detect the login form fields, enter the CSS selectors for the username field, password field, and submit button.

  7. 7

    Click Run Audit

    ConformPilot will log in, navigate to the target page, and run the accessibility audit.

⚠️ Security best practices

  • • Always use a dedicated test account — not your personal or admin account
  • • Credentials are used only for the audit session and are not stored permanently
  • • Use accounts with minimal permissions needed to access the pages being audited
  • • Do not use production credentials in shared team environments

Troubleshooting

Login fails — wrong page detected

Ensure the login page URL is correct and the page contains a standard HTML form. If the login uses a custom UI framework, provide explicit CSS selectors.

Audit scans the login page instead of the target

This usually means login failed. Check your credentials and ensure the test account is active. Also verify the "success URL" after login matches the target page.

CAPTCHA blocks login

Disable CAPTCHA for your test account or test environment, or use cookie-based authentication instead.

Related articles

Authenticated Page Auditing →

Cookie-based authentication for SSO/OAuth

Browser Audit →

Audit public pages without authentication