{"id":15761,"library":"playwright-client-certificate-login","title":"Playwright Client Certificate Authentication","description":"playwright-client-certificate-login is a Node.js utility, currently at version 0.0.3, designed to streamline client certificate-based authentication within Playwright automation scripts. It abstracts the complexities of configuring Playwright's browser context to utilize PFX/PKCS12 files or separate PEM certificate and key files, including their associated passphrases. The library provides a `CertificateAuthSession` class that manages the entire authentication process, from launching a browser and navigating to the specified URL, to making the authenticated browser context, page, cookies, and headers accessible. Given its early version, the package is in active development with an implied irregular release cadence, primarily focusing on robust client certificate handling for scenarios such as SAP BTP and other enterprise authentication systems.","status":"active","version":"0.0.3","language":"javascript","source_language":"en","source_url":null,"tags":["javascript","sap","btp","authentication","playwright","wdio","webdriverio","client-certificate"],"install":[{"cmd":"npm install playwright-client-certificate-login","lang":"bash","label":"npm"},{"cmd":"yarn add playwright-client-certificate-login","lang":"bash","label":"yarn"},{"cmd":"pnpm add playwright-client-certificate-login","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Core automation library used internally for browser control and context management.","package":"playwright","optional":false}],"imports":[{"note":"The README primarily shows CommonJS `require`. For modern Node.js and TypeScript projects, prefer ESM `import` as shown.","wrong":"const CertificateAuthSession = require('playwright-client-certificate-login').CertificateAuthSession;","symbol":"CertificateAuthSession","correct":"import { CertificateAuthSession } from 'playwright-client-certificate-login';"}],"quickstart":{"code":"import { CertificateAuthSession } from 'playwright-client-certificate-login';\nimport path from 'path';\n\nasync function authenticateWithCert() {\n  const pfxPath = process.env.PFX_CERT_PATH ?? path.resolve(__dirname, './your-certificate.pfx');\n  const passphrase = process.env.CERT_PASSPHRASE ?? 'your-certificate-passphrase';\n\n  if (!pfxPath || !passphrase) {\n    console.error('Environment variables PFX_CERT_PATH and CERT_PASSPHRASE must be set, or provide hardcoded defaults.');\n    return;\n  }\n\n  const options = {\n    origin: 'https://your-secure-domain.com',\n    url: 'https://your-secure-domain.com/dashboard',\n    pfxPath: pfxPath,\n    passphrase: passphrase\n  };\n\n  const session = new CertificateAuthSession(options);\n  try {\n    console.log('Attempting authentication...');\n    await session.authenticate();\n\n    const cookies = await session.getCookies();\n    const headers = session.getHeaders();\n    console.log('Authentication successful. Cookies:', cookies.map(c => c.name));\n    console.log('Prepared Headers:', headers);\n\n    // Example: Interact with the authenticated page\n    const page = session.getPage();\n    await page.screenshot({ path: 'authenticated-dashboard.png' });\n    console.log('Screenshot taken: authenticated-dashboard.png');\n\n  } catch (error) {\n    console.error('Authentication failed:', error);\n  } finally {\n    console.log('Closing browser session.');\n    await session.close();\n  }\n}\n\nauthenticateWithCert();","lang":"typescript","description":"Demonstrates authenticating to a web application using a PFX client certificate, capturing cookies, headers, and taking a screenshot of the authenticated page."},"warnings":[{"fix":"Refer to the latest README or GitHub releases for any changes when updating the package.","message":"As a pre-1.0.0 package (currently 0.0.3), the API surface is subject to change without strict adherence to SemVer, potentially introducing breaking changes in minor or patch releases.","severity":"breaking","affected_versions":">=0.0.1"},{"fix":"Consider using Playwright's `clientCertificates` option in `use` block of `playwright.config.ts` for native integration if this package's abstraction is not precisely what's needed.","message":"Playwright itself introduced native client certificate support in version 1.46. While this package simplifies the process, direct Playwright configuration might offer more flexibility or be preferred for complex scenarios.","severity":"gotcha","affected_versions":">=0.0.1"},{"fix":"Always use environment variables (e.g., `process.env.PFX_PASSPHRASE`) or a secure secret management system to inject certificate credentials at runtime.","message":"Handling sensitive certificate passphrases and paths requires careful environment management. Hardcoding them is a security risk.","severity":"gotcha","affected_versions":">=0.0.1"},{"fix":"Ensure that the `origin` specified exactly matches the server's certificate request origin. Test thoroughly in different browser environments. In some stubborn cases, manual interaction might be unavoidable or a different approach (like using an authentication proxy) might be necessary.","message":"Client certificate authentication can sometimes still trigger a manual certificate selection pop-up in the browser, even with programmatic configuration, depending on the browser, OS, and specific server configuration.","severity":"gotcha","affected_versions":">=0.0.1"}],"env_vars":null,"last_verified":"2026-04-21T00:00:00.000Z","next_check":"2026-07-20T00:00:00.000Z","problems":[{"fix":"Ensure `origin`, `url`, and one of (`pfxPath`/`pfxBuffer`) or (`certPath`/`certBuffer` and `keyPath`/`keyBuffer`) are supplied in the options object.","cause":"One or more mandatory options (e.g., `origin`, `url`, and a certificate/key pair) were not provided to the `CertificateAuthSession` constructor.","error":"Error: Required options are missing"},{"fix":"Verify that the file paths are correct and absolute, and that the Node.js process has the necessary permissions to access the certificate files.","cause":"The paths provided for `pfxPath`, `certPath`, or `keyPath` are incorrect, or the process lacks read permissions for the specified files.","error":"Error: Certificate files cannot be read"},{"fix":"Increase the `timeout` option in the `CertificateAuthSession` constructor for pages with longer loading times, or debug network issues/authentication flow if the page genuinely isn't loading.","cause":"The page specified by the `url` option took longer than the default 30 seconds (or custom `timeout`) to load after the certificate was provided.","error":"Authentication failed: Error: Page load timeout exceeded"}],"ecosystem":"npm"}