The most requested feature by our users the past year has been the ability to scan behind a login. With our update today we now support scanning behind a login for cookie, basic and API token (local storage) authentication types. This is feature is available to all customers at no additional cost. Pages scanned behind a login count as a page the same as a page not behind a login. To add this to your account create a ticket from within the Pope Tech application or contact support.
This feature can be used to scan any page with a unique url that is behind a login. With this update, we now scan the inside of the Pope Tech application weekly with Pope Tech itself. Use cases our users have had are web applications, archives, portals, shopping carts, protected development sites, etc. Basically anything with a login.
Pope Tech is not intended to be used to scan any pages that contain sensitive or confidential content. Credentials used should be a demo user.
The ability to crawl behind a login is a feature request we are considering adding, pages are currently added manually or via a csv for scanning behind a login.
You can read more about how this works on our Pope Tech Guide: Scanning behind logins.