Automate login
Most of the work worth automating sits behind a login. A bot can sign in for you, then do whatever you would do once you are in, fill a form, pull a report, download a file. There are two ways in, carry your existing session or sign in as steps. There are three ways to start, with no code, with code, or with a Claude skill.
What I mean by automating login
Automating login means a bot gets past the sign-in page so it can do its real job. It either reuses the session you are already logged into, or it enters a username and password the way you would, then carries on. Login is rarely the task by itself. It is the step that unlocks the form, the dashboard, or the file you actually came for.
Login is the door, not the destination
Nobody automates a login for its own sake. You automate it to reach what is behind it, the orders to update, the report to pull, the invoices to download. So the real question is not how to log in, it is how to stay logged in long enough to get the work done.
There are two ways in. Carry your session, where the bot uses the cookies from a browser you are already signed into, so it never types a password. Or sign in as steps, where the bot enters the username and password itself. Cookies are simpler and safer when they work. Steps are more reliable for a fresh cloud run with no session to borrow. Most setups use one or the other, and the right pick depends on where the bot runs.
Who this is for
This is for anyone whose work lives behind a login. Pulling numbers from a dashboard you sign into, updating records in a portal, downloading statements from a bank or a SaaS tool. The login is just the gate you pass every time, and a bot can pass it for you. No-coders and coders both, since you can build it without code and drop into code when you want.
How I'd approach it
Try cookies first. If you run on the desktop, the bot can use the session from your own Chrome, so there is no password anywhere in the automation. If you run in the cloud with no session to borrow, sign in as steps and store the credentials securely rather than in plain text. Either way, build everything after the login first and add the sign-in last, so you are not logging in over and over while you test.
Cookies if you can, steps if you must, login last. That order is faster and safer. I would lay out the first draft with Build with description.
Automate login from a description
Describe the sign-in in plain words in the Chrome extension and it builds the steps for you. Give it a few short lines, check what it made, and run it. Explore no-code.
To the right is an example. Describe the sign-in, or skip it by carrying your session, and the AI lays out the steps.
Chrome extensionInstructions
- Go to the login page20 / 500
- Enter the username18 / 500
- Enter the password18 / 500
- Click sign in13 / 500
- Carry on to the dashboard25 / 500
Automate login in code
Build with code. If you would rather script it yourself, this is the path. Explore code
Connect Playwright (or Puppeteer) to our cloud Chromium and write the same scripts you'd run locally, without managing the browser.
Code toolimport { chromium } from "playwright";
const browser = await chromium.connectOverCDP(
`wss://cdp-lb.axiom.ai/?token=${process.env.AXIOM_API_KEY}`
);
try {
const context = browser.contexts()[0];
const page = context.pages()[0] ?? await context.newPage();
// Sign in as steps. Keep the credentials in env vars, never in the code.
await page.goto("https://example.com/login");
await page.fill("#email", process.env.SITE_EMAIL);
await page.fill("#password", process.env.SITE_PASSWORD);
await page.click("button[type=submit]");
// Wait until you are actually in before doing the real work
await page.waitForSelector(".dashboard");
// Now do whatever sits behind the login
await page.goto("https://example.com/reports");
// ...extract, download, or input here
} finally {
await browser.close();
}
Build with a Claude skill
Build no-code or code bots with a skill.
Add the Claude skill and describe the site and how you sign in. It builds the bot for you, no-code or code, with cookies or a sign-in step, then on to the work behind the login.
What can you do behind a login?
Anything you can do once you are in. A couple of cases worth knowing first.
Works well
- Pulling reports from a dashboard
- Updating records in a portal
- Downloading statements and files
- Filling forms behind a login
- Reusing your existing session with cookies
Harder
- 2FA and one-time codes
- Captcha on the login page
- Sessions that expire mid-run
Don't try
- Logging into accounts that are not yours
- Sharing or selling credentials
- Anything against a site's terms
What I'd watch out for
The login is the riskiest part to get wrong, for your data and for the account. Here is what I would watch for.
Storing passwords
Never put a password in plain text in the bot. Use secure credential storage, or pull it from an environment variable. Better still, skip the password entirely by carrying your existing session with cookies.
Cookies expire
A stored session does not last forever. When the bot suddenly lands on the login page, the cookies have expired. Refresh them, or fall back to a sign-in step. Build for the day the session runs out, because it will.
2FA
Two-factor login is the hard one. Some flows work if the bot can read a code from email or an app, others cannot. The cleanest fix is often to carry a session that is already past 2FA, so the bot never faces the prompt.
Sign in last
Add the login step after everything else works. Testing a flow that logs in on every run is slow and can trip a site's checks. Build the work first, attach the login at the end.