Skip to main content
Authenticated Profiles

Log in once. Run authenticated sessions at scale.

Stop rebuilding login flows for every automation run. Authenticated Profiles capture browser authentication state once – cookies, localStorage, and IndexedDB – so every session after starts already signed in.

Get startedSee the docs

What you can do with Authenticated Profiles

Authenticated Profiles move login state out of your scripts and into the session launch layer. Your authentication process stays clean. User identity is verified once. Workers can scale without credential sprawl.

Capture auth state once
Call Browserless.saveProfile after login and save cookies, localStorage, and IndexedDB – the full authentication state – to a named profile scoped to your API token.
Reuse across parallel sessions
Pass ?profile=<name> at launch so every session starts from the same saved state. No repeated login flows, no coordination between workers.
Skip login logic in every script
Authentication becomes a launch-time option, not code that runs inside every worker. Your scripts stay focused on the task, not the authentication flow.
Keep sessions isolated by default
Each session gets its own working copy of the profile. Changes during one run don't affect the saved state or concurrent authenticated sessions.
Combine with Persisted Sessions
Launch a long-lived browser that starts from a saved profile. The profile hydrates auth state at launch and the session persists normally from there.
Manage profiles through a REST API
List, rename, and delete profiles via REST endpoints. Profile names are scoped to your token, so different projects and accounts stay separated.

What changes in your automation workflow

Unlike most authenticated browser automation, Authenticated Profiles doesn’t force you to repeat the authentication process on every run or keep a fragile live session alive.

The old pattern

Job 1
Log in
Scrape
Job 2
Log in
Scrape
Job 3
Log in
Scrape

Authenticated Profiles

Create profile onceSave auth state
Job 1
launch with?profile=vendor-dashboard
Job 2
launch with?profile=vendor-dashboard
Job 3
launch with?profile=vendor-dashboard

One session never scales

A long-running session might feel like the easier option, but it creates a ceiling on concurrency and makes strong authentication harder to maintain.

Before

  • Login state is tied to one live session or machine
  • Parallel work needs multiple logins or fragile session sharing
  • Routing and concurrency get harder as you scale
  • Session changes can mutate the auth state you depend on
  • Login logic ends up inside every script

Authenticated Profiles

  • Login state saved as a portable, reusable profile
  • One profile fans out to many isolated authenticated sessions
  • Any eligible worker can hydrate the same profile
  • Each session gets a clean copy – changes stay isolated
  • Authentication becomes a launch-time option

Get started with Authenticated Profiles

Profile creation needs a CDP-capable client – Puppeteer, Playwright, or raw CDP – because Browserless.saveProfile is a CDP method. Once a profile exists, use it from BrowserQL, REST endpoints, and WebSocket connections.

1

Launch a creation session

Call POST /profile with a name for the profile. You’ll get back a WebSocket URL to connect to and a stop URL to terminate the session early. The creation session expires after 10 minutes if you don’t save before then.

curl -X POST "https://production-sfo.browserless.io/profile?token=YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "name": "vendor-dashboard" }'
2

Connect and authenticate

Connect to the returned WebSocket URL and complete the login with a CDP-capable client. For CAPTCHAs, two-factor authentication, or login flows that are hard to script, hand off the creation session to a human via a live URL.

const browser = await puppeteer.connect({ browserWSEndpoint: session.connect });
const page = await browser.newPage();
await page.goto('https://app.example.com/login');
await page.type('#email', process.env.APP_EMAIL);
await page.type('#password', process.env.APP_PASSWORD);
await page.click('button[type="submit"]');
await page.waitForNavigation();
3

Save the profile

Once the browser holds the authenticated state, send the Browserless.saveProfile CDP method. Browserless captures cookies, localStorage, and IndexedDB from the live browser – the full authentication state for that session – and stores it under the profile name. The name you pass to Browserless.saveProfile is what gets stored. The name in Step 1 is advisory and doesn’t have to match.

const cdp = await page.target().createCDPSession();
const result = await cdp.send('Browserless.saveProfile', { name: 'vendor-dashboard' });
await browser.close();
// { ok: true, profileId: '...', name: 'vendor-dashboard', cookieCount: 15, originCount: 1 }
4

Use the profile in any session

Pass ?profile=<name> on any browser-launching request and Browserless loads the captured state before your code runs. The profile works across WebSocket connections, REST endpoints, BrowserQL, and Persisted Sessions – await browser.connect() is the only thing between your worker and a fully authenticated session.

const browser = await puppeteer.connect({
  browserWSEndpoint: `wss://production-sfo.browserless.io?token=${TOKEN}&profile=vendor-dashboard`,
});
const page = await browser.newPage();
await page.goto('https://app.example.com/dashboard'); // already logged in

How to get the most out of Authenticated Profiles

Wherever a browser needs to access a secure web application behind a login, Authenticated Profiles remove the overhead of getting it there. Here are the most common patterns.

Scrape authenticated dashboards
Attach the same profile to every scraping worker so jobs against dashboards, analytics accounts, and customer portals access the right data without embedding login logic in the script.
Run role-based QA flows
Create a profile per account role – admin, billing, or read-only – and start each test run from the right user identity without repeating the full authentication process.
Automate recurring internal tasks
Use profiles for invoice downloads, report exports, and account checks. Complete the login once, save the profile, and attach it whenever the scheduled job runs.
Give AI agents a verified starting point
Instead of teaching an agent to navigate a login flow on every run, give it a session that starts with a verified authentication state already in place, so it can focus on the actual task.
Scale workers without sharing credentials
One profile fans out to as many parallel sessions as you need. Workers get an isolated copy of the auth state, instead of competing over a single live browser or sharing a secret key.
Persist long-running authenticated workflows
Combine a profile with a Persisted Session when you need a long-lived browser that starts from a saved auth state. The profile loads at launch; the session continues from there.
AI agents

Use Authenticated Profiles with AI agents

Browserless’s MCP integration and Authenticated Profiles give AI agents access to the real, logged-in web, so agents can navigate authenticated web applications, retrieve data from account-gated pages, and run parallel workflows without handling user credentials on every call.

Browser MCP with saved auth state
Connect AI agents through Browserless’s MCP server and attach a named profile at launch. The agent starts with cookies and storage already in place – no login step required.
Parallel agent sessions from one login
Fan the same authenticated profile out to concurrent agent sessions. Each gets an isolated copy of the auth state, so agents don’t interfere with each other or corrupt the saved profile.
Authenticated data extraction at scale
Research agents, support bots, and data extraction workflows can retrieve data from authenticated SaaS tools, dashboards, and account-gated reports – without passing user credentials into every run.
Check out the MCP

Start with one login, scale to many sessions

Authenticated Profiles are available on Browserless today. Sign up free – no credit card required.

Read the docs

Browser authentication FAQs