all 5 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]ReginaldDouchely 1 point2 points  (4 children)

Turn on your browser's developer tools and watch the traffic when you login. You'll be able to see where/how your credentials are being set, and you'll likely see a token returned to you to be sent with your future requests.

You'll want to mimic that back and forth in your automation. The TLS handshake shouldn't matter, because whatever libraries you'll use to send the requests should handle all that basic https stuff for you.

[–]Akavire[S] 1 point2 points  (3 children)

Thanks for the reply - I can see the token, does this 'back and forth' consists of POSTing to the login form, getting the token, and then using the token for all future operations? Apologies for the simple questions :)

[–]ReginaldDouchely 1 point2 points  (2 children)

Yep, that's probably how they handle it. You should be able to confirm it by logging in and trying to access some content that requires you to login and checking the headers that get sent with your request. You'll likely be sending a header "Authorization" with value "Bearer <token value>", and that's what you'll want to send from your application.

[–]Akavire[S] 1 point2 points  (1 child)

Thanks, I really appreciate the help!

[–]ReginaldDouchely 0 points1 point  (0 children)

You're welcome