Home ci 17. security / deployment-protection / methods-to-bypass-deployment-protection: Protection Bypass for Automation

17. security / deployment-protection / methods-to-bypass-deployment-protection: Protection Bypass for Automation

Last updated on Aug 05, 2025

Protection Bypass for Automation

Overview

Epycbyte's Protection Bypass for Automation feature allows you to temporarily bypass deployment protection mechanisms, such as password protection, authentication, and trusted IPs, for automated tools like end-to-end testing. This is particularly useful when automating processes that require access to your application.

Table of Contents

  1. Compliance Measures
  2. Methods to Bypass Deployment Protection
  3. Protection Bypass for Automation
  4. How-to Protection Bypass for Automation

Compliance Measures

  • Shared Responsibility: Ensure that compliance measures are shared between your team and Epycbyte.
  • Firewall Access Control: Implement strict firewall rules to control access to sensitive areas.
  • SAML/SSO: Use Single Sign-On (SSO) solutions for secure authentication.
  • HTTPS/SSL: Enforce HTTPS to secure data in transit.
  • Directory Sync: Synchronize directories for user management.

Methods to Bypass Deployment Protection

  • Password Protection: Temporarily disable or bypass password protection for automated tools.
  • Epycbyte Authentication: Use generated secrets to bypass Epycbyte's authentication layer.
  • Trusted IPs: Extend trusted IP ranges for testing environments.

Protection Bypass for Automation

  • Generated Secret: A secret value is created to bypass deployment protection.
  • System Environment Variable: The secret is automatically added as epycbyte_AUTOMATION_BYPASS_SECRET to your deployments.
  • Redeployment Requirement: Updating the secret will require redeploying your application.

Who Can Manage Protection Bypass for Automation?

  • Team Members: Those with at least the "Member" role can manage bypass settings.
  • Project Administrators: Users with the "Project Administrator" role have full control.

Using Protection Bypass for Automation

  1. Set Header or Query Parameter: Use x-epycbyte-protection-bypass header or query parameter with your generated secret. 
    x-epycbyte-protection-bypass: your-generated-secret
  2. Optional Advanced Configuration:
    • Cookie Bypass: Set x-epycbyte-set-bypass-cookie to true for in-browser testing. 
      x-epycbyte-set-bypass-cookie: true
    • SameSite Configuration: For iframe scenarios, set samesitenone. 
      x-epycbyte-set-bypass-cookie: samesitenone

Example: Playwright Configuration

const config: PlaywrightTestConfig = {
  use: {
    extraHTTPHeaders: {
      'x-epycbyte-protection-bypass': process.env.epycbyte_AUTOMATION_BYPASS_SECRET,
      'x-epycbyte-set-bypass-cookie': true | 'samesitenone' // optional
    }
  }
};

Last Updated

Last updated on July 24, 2024.

Was this helpful? Send your feedback.