> ## Documentation Index
> Fetch the complete documentation index at: https://docs.frostline.run/llms.txt
> Use this file to discover all available pages before exploring further.

# Email & Password

> Configure email and password authentication so the Frostline agent can access your app during demos

## Overview

If your app uses email and password authentication, Frostline can sign in automatically during demos using provided credentials.

This method works by having the agent fill and submit your existing login form inside the demo environment. No special SDKs or backend changes are required.

<Warning>Email/password authentication does not work with OTP, CAPTCHA, magic links, or any interactive verification step. These must be disabled in the demo environment.</Warning>

***

## How it works

1. The agent navigates to your login page
2. It fills in the configured email and password
3. The form is submitted
4. On success, the agent proceeds with the demo

This flow:

* Uses your existing login UI
* Requires valid credentials
* Runs only in the demo environment
* Cannot bypass OTP, CAPTCHA, or 2FA

***

## Limitations

Email/password authentication will not work if your login flow includes:

* OTP or verification codes (email or SMS)
* CAPTCHA (reCAPTCHA, hCaptcha, etc.)
* Two-factor authentication (2FA)
* Magic link or passwordless login
* Any interactive verification step

The agent cannot read inboxes, receive SMS, or solve challenges.

***

<Steps>
  <Step title="Configure email and password credentials">
    Provide the credentials of the user account the agent should sign in as during demos.

    ### Required fields

    * **Email** – Email address of the demo user
    * **Password** – Password for the demo user

    ### Before you configure

    Make sure that:

    1. A **dedicated demo user account** exists
    2. You can log in with these credentials manually
    3. OTP, CAPTCHA, and 2FA are disabled
    4. The account has sufficient permissions for demos

    <Warning>Credentials are not validated when saved. If they are incorrect, demos will fail at runtime.</Warning>

    ### Security

    * Credentials are stored encrypted
    * They are injected only into a secure demo sandbox
    * The agent never exposes credentials in logs or recordings
    * Use a demo-only account with limited permissions
  </Step>

  <Step title="Prepare your demo environment">
    For reliable demos, your demo environment should:

    * Disable OTP and CAPTCHA
    * Disable 2FA for the demo user
    * Use a dedicated demo account (not a real customer)

    This setup allows the agent to authenticate without interruptions while keeping production security intact.

    If disabling these checks is not possible, use a different authentication method.
  </Step>
</Steps>
