Skip to main content
An identity is a specific account on an application — for example “John’s LinkedIn” or “Acme Corp Salesforce admin.” When you attach an identity to a session or task, Anchor signs in on your behalf before automation runs.

What an identity contains

An identity is more than a username and password. After a successful login, Anchor persists everything needed to stay signed in: What Anchor can do on the next run depends on what was saved. An identity with credentials and a valid browser profile starts signed in immediately. An identity with only a browser profile (for example after manual login) works until the site expires the session — then someone must sign in again.

Quick start: create an identity

Create an identity with credentials for the target application. If the application uses a preset auth flow, pass authOptionId with the flow ID.
For end-user self-service authentication in your app, use Embedding End-User Authentication UI.

Use an identity in browser sessions

Pass the identity ID in the identities array when creating a session. Anchor authenticates before your agent or automation starts.
Optional session flags:

Use an identity in tasks

Pass identity_id when running an Automation Task. Anchor creates a browser session, authenticates with the identity, then executes the task.
You can also pass session_id to run a task inside an existing authenticated session, or set identity_skip_validation to skip profile validation before the run.

When Anchor re-authenticates

Each time a session or task starts with an identity attached, Anchor decides whether a full login is needed:
  1. Browser profile is still valid — Anchor loads the saved profile and the session starts signed in. No login steps run.
  2. Browser profile expired, credentials available — Anchor runs the application’s auth flow using stored credentials (including MFA methods like email OTP or authenticator). The profile is refreshed for next time.
  3. Browser profile expired, no credentials — Common for manual-login identities. Anchor cannot re-authenticate automatically. Sign in again via the dashboard or generate a re-authenticate link with POST /v1/identities/{identityId}/re-authenticate-token.
Re-authentication requires the identity to have the credentials or auth flow needed for the site’s login steps. If the site adds a new MFA requirement that wasn’t saved on the identity, update the identity or re-authenticate manually.

Identity metadata

Add custom metadata to identities for filtering and organization. Metadata is a flexible key-value store.

Creating an identity with metadata

Filtering identities by metadata

Managed Authentication Overview

Profiles vs identities and how everything connects

Applications

Configure target sites and auth flows

Run a Task

Execute automation tasks with an identity

Embedding End-User Auth UI

Let end users connect accounts from your product

Email MFA

Email OTP via forwarded inbox

API Reference

Identity endpoints