To launch a web automation or web agent that authenticates on behalf of users, there are multiple ways to pass the credentials to your app:

1. Deployment environment variables

Deploy your app with the credentials as environment variables. Then, your invocation can use them at runtime.

app.action("authenticated-action", async (ctx: KernelContext) => {
    const username = process.env.USERNAME;
    const password = process.env.PASSWORD;
    if (!loggedIn()){ // Check for whether the user is already logged in on the website
        login(username, password)
    }
    // Rest of your browser automation logic
});

2. Runtime variables

For use cases that login on behalf of many users (such as platforms acting on behalf of end users), pass the credentials at runtime using the payload parameter.

Make sure to use encryption standards in your app to protect the credentials.

app.action("authenticated-action", async (ctx: KernelContext, payload: { encryptedUserName: string, encryptedPassword: string }) => {
    if (!loggedIn()){ // Check for whether the user is already logged in on the website
        username = decrypt(encryptedUserName);
        password = decrypt(encryptedPassword);
        login(username, password)
    }
    // Rest of your browser automation logic
});