Handling sites with authentication

New Relic Synthetics monitoring supports a variety of authentication mechanisms. Depending on the type of monitor you choose, this includes Basic, Digest, NTLM, and NTLMv2.

Supported authentication by monitor type

Support for various monitor types may depend on your site configuration.

Synthetics monitor type Basic Digest NTLM* NTLMv2*
Ping [check]
Simple browser [check] [check] [check] [check]
Scripted browser [check] [check] [check] [check]
API test [check]

*For NTLM and NTLMv2, Synthetics uses a Chrome browser in a Linux environment, so your configuration must be compatible with this client-side environment. It must also allow URI-encoded credentials.

Provide authentication credentials

Monitors provide authentication credentials by encoding them in the requested URL, such as http(s)://username:password@site.com. To do so, use the encodeURIComponent('string') JavaScript function in your script. For example:

var username = encodeURIComponent('username');
var password = encodeURIComponent('password');
var url = 'https://' + username + ':' + password + '@site.com';

For ping and simple browser monitors, you can use the following form to encode your values:

The full URL http(s)://username:password@site.com will be recorded as plain text in the corresponding Synthetics check data. The URL will be visible when viewing results for this monitor within New Relic Insights or the Synthetics UI.

Code examples

Here are code examples for some monitor types:

Scripted browser

$browser.get('https://username:password@site.com').then(function(){
  $browser.takeScreenshot();
});
$browser.get('https://username@domain.com:password@site.com').then(function(){
  $browser.takeScreenshot();
});

API test

$http.get('https://username:password@site.com', function(err, resp, body){
  console.log(err, resp, body);
});

Troubleshoot NTLM authentication issues

You can check if Synthetics will be able to properly authenticate against your NTLM endpoint, using cURL. You must use a host with access to your endpoint. To do this, run the following command, with the URL replaced by the endpoint you want to test:

$ curl -v --ntlm http://example.com

In the output from that command you should see the following response header telling you the server is offering NTLM over HTTP as a valid authentication mechanism:

WWW-Authenticate: NTLM 

For more help

Additional documentation resources include:

Recommendations for learning more: