How do you take a screenshot from behind a login?
Most screenshot services do not support taking screenshots behind a login. However, GrabzIt provides several powerful methods to enable this. As websites use cookies to identify a user, replicating a user's session is the most reliable way to capture content behind a login. This cookie-based approach is the universal method for accessing secure content across all of GrabzIt's tools, including our Screenshot Tool, Web Scraper, and Web Monitor.
Import a Cookie File (Recommended Method)
The easiest and most reliable way to replicate a user's session is to use our new Cookie Importer. This tool allows you to upload a simple text file containing all the necessary cookies from your browser session.
By importing a cookie file, you ensure that GrabzIt has access to the complete session, including cookies set on subdomains, which is often essential for modern websites to function correctly. This is the recommended approach for capturing complex dashboards or user-specific reports.
Set Session Cookies Programmatically (Advanced)
For automated workflows, you can specify a user's session cookies directly in your code. When you create a capture, GrabzIt will use these cookies to view the web page just as the user would. This is very useful if you want to do things like capture a report in a user's dashboard programmatically.
In this example, we are assuming there is only one cookie involved in the user's session called PHPSESSID. However, there could be more than one, and they could be named differently. 
One way to debug cookie issues is by signing into the target website and using the browser's built-in developer tools (press F12 in Chrome).
To set cookies programmatically, you need to use a server-side language, as JavaScript won’t have access to the HTTP-only cookies often associated with user sessions. Pass all of the cookies involved in a user’s session using the SetCookie method, and GrabzIt will automatically be able to use the user's session.
$sessionValue = $_COOKIE['PHPSESSID'];
$grabzIt->SetCookie('PHPSESSID', 'example.com', $sessionValue);
$grabzIt->URLToImage('http://example.com/dashboard.php');
$grabzIt->Save('http://example.com/handler.php');
You can also set cookies manually in the custom cookies page in your account.
Other Methods for Accessing Protected Pages
Capture the HTML
Use our JavaScript API to send us the HTML of the web page that is behind the login. As long as none of the web page resources, such as CSS, JavaScript, and images, are restricted, it should capture the user's web page correctly, as shown in this example.
Post to a login form
This login method will only work if the web page you want to capture is the page directly after the login screen or if the website provides a redirect URL that the browser will follow after a successful login.
Specify Basic Authentication Credentials
Some web pages use basic authentication, where the browser prompts the user to authenticate. GrabzIt enables you to screenshot these web pages by specifying your basic authentication credentials.
Frequently Asked Questions (FAQ)
What is the Netscape cookie file format?
The Netscape cookie file format is a simple, standardized text file for storing web cookies. Each line in the file represents a single cookie and contains information like the domain, path, expiration date, and value. Most browser extensions, like Cookie-Editor, can export cookies in this format, which is often saved as a .txt file.
Is it secure to upload my cookies to GrabzIt?
Yes, it is secure. Your cookie files are transmitted over an encrypted connection (HTTPS) and are stored securely. They are used only for the captures you initiate and are not accessible to anyone else. For maximum security, we still recommend creating separate, less-privileged user accounts for automated capturing when possible.
Why do I need to include cookies from subdomains?
Modern websites often use multiple subdomains for different services (e.g., auth.example.com, api.example.com, app.example.com). Authentication and session cookies may be set on these subdomains but are required for the main website to function correctly. Failing to include all of them can lead to incomplete captures or being redirected to a login page.
What's the difference between using the Cookie Importer and setting cookies programmatically?
The Cookie Importer is a manual process, perfect for one-off captures or when setting up a recurring task through the web interface. It's the easiest method as it captures the entire browser session state. Setting cookies programmatically via the API is an advanced method designed for automated workflows where you need to dynamically create captures for different user sessions within your application code.