Converting password-protected web pages to PDF is trickier than it sounds. You can't just pass a URL to a PDF library and expect it to magically log in. The rendering engine hits the login page, can't proceed, and you get a PDF of the login form instead of the protected content.
I've built PDF generators for internal dashboards, financial reports, and private documents. Here's how to handle authentication.
using IronPdf;
// Install via NuGet: Install-Package IronPdf
var renderer = new [ChromePdfRenderer](https://ironpdf.com/blog/videos/how-to-render-webgl-sites-to-pdf-in-csharp-ironpdf/)
{
LoginCredentials = new ChromeHttpLoginCredentials
{
NetworkUsername = "admin",
NetworkPassword = "password123"
}
};
var pdf = renderer.RenderUrlAsPdf("https://intranet.example.com/reports");
pdf.SaveAs("report.pdf");
This uses network authentication (basic auth or TLS). The renderer logs in before rendering the page.
What's the Best Way to Avoid Login Issues?
Don't convert protected URLs. Render HTML directly:
var html = GetProtectedHtmlSomeOtherWay(); // Already authenticated
var renderer = new ChromePdfRenderer();
var pdf = renderer.RenderHtmlAsPdf(html);
pdf.SaveAs("output.pdf");
If you're already authenticated (in an ASP.NET MVC controller, for example), fetch the HTML programmatically and pass it to IronPDF. No login required.
I built a dashboard where users could export their personalized reports to PDF. The reports were generated server-side with the user's session, so we never needed to authenticate against a URL. We just rendered the HTML string.
How Does Network Authentication Work?
Network authentication is basic HTTP auth or TLS client certificates. The browser prompts for username and password before showing the page.
var renderer = new ChromePdfRenderer
{
LoginCredentials = new ChromeHttpLoginCredentials
{
NetworkUsername = "testuser",
NetworkPassword = "testpass"
}
};
var pdf = renderer.RenderUrlAsPdf("https://secure.example.com/dashboard");
pdf.SaveAs("dashboard.pdf");
IronPDF's Chromium engine submits the credentials automatically. This works for:
- Intranet sites with Windows authentication
- APIs with basic auth
- TLS-protected resources
I use this for converting internal SharePoint pages and Jenkins build reports to PDF.
What About HTML Form Logins?
For username/password forms (like most public websites), specify the form's action URL:
var renderer = new ChromePdfRenderer
{
LoginCredentials = new ChromeHttpLoginCredentials
{
LoginFormUrl = "https://example.com/login",
NetworkUsername = "user@example.com",
NetworkPassword = "securepassword"
}
};
var pdf = renderer.RenderUrlAsPdf("https://example.com/protected-page");
pdf.SaveAs("protected.pdf");
IronPDF posts the credentials to the login form, gets the session cookie, then renders the protected page.
Important: Use the form's action URL, not the page URL. Inspect the login form's HTML:
<form action="/auth/login" method="post">
<input name="username" />
<input name="password" />
</form>
Set LoginFormUrl to https://example.com/auth/login.
How Do I Handle Custom Form Fields?
If the login form uses non-standard field names (not "username" and "password"), you'll need to download the HTML manually and submit the form yourself:
using System.Net;
var client = new WebClient();
var loginData = new System.Collections.Specialized.NameValueCollection
{
{ "email", "user@example.com" },
{ "pass", "securepassword" }
};
client.UploadValues("https://example.com/login", "POST", loginData);
// Now the client has the session cookie
var html = client.DownloadString("https://example.com/protected-page");
var renderer = new ChromePdfRenderer();
var pdf = renderer.RenderHtmlAsPdf(html);
pdf.SaveAs("output.pdf");
This logs in with WebClient, gets the session cookie, downloads the protected HTML, and renders it.
I used this pattern for a legacy application with bizarre form field names like usr_ident and cred_token.
Can I Use Cookies for Authentication?
Yes. If you already have a valid session cookie:
var renderer = new ChromePdfRenderer();
renderer.RenderingOptions.CustomCookies.Add(new System.Net.Cookie("sessionId", "abc123", "/", ".example.com"));
var pdf = renderer.RenderUrlAsPdf("https://example.com/dashboard");
pdf.SaveAs("dashboard.pdf");
This is useful when you're generating PDFs from an authenticated user's session. Grab their session cookie from the HTTP context and pass it to IronPDF.
I built a SaaS application where users could download their account statements. We used the user's existing session cookie to render their data — no separate login required.
How Do I Render ASP.NET MVC Views Without Authentication?
Render the view to a string first:
public IActionResult DownloadPdf()
{
var model = GetDashboardData(); // Your data
var html = RenderViewToString("Dashboard", model);
var renderer = new ChromePdfRenderer();
var pdf = renderer.RenderHtmlAsPdf(html);
return File(pdf.BinaryData, "application/pdf", "dashboard.pdf");
}
private string RenderViewToString(string viewName, object model)
{
ViewData.Model = model;
using (var sw = new StringWriter())
{
var viewResult = ViewEngines.Engines.FindView(ControllerContext, viewName, null);
var viewContext = new ViewContext(ControllerContext, viewResult.View, ViewData, TempData, sw);
viewResult.View.Render(viewContext, sw);
return sw.ToString();
}
}
The view renders server-side with the user's session, then converts to a string. No URL involved, so no authentication issues.
I use this for invoices, reports, and receipts in MVC applications.
What If I Need to Download Assets Too?
Use HtmlAgilityPack to find images, CSS, and JavaScript:
using HtmlAgilityPack;
using System.Net;
var client = new WebClient();
var html = client.DownloadString("https://example.com/page");
var doc = new HtmlDocument();
doc.LoadHtml(html);
foreach (var img in doc.DocumentNode.SelectNodes("//img"))
{
var src = img.GetAttributeValue("src", null);
if (!string.IsNullOrEmpty(src))
{
var imageBytes = client.DownloadData(src);
File.WriteAllBytes($"images/{Path.GetFileName(src)}", imageBytes);
}
}
var renderer = new ChromePdfRenderer();
var pdf = renderer.RenderHtmlAsPdf(html);
pdf.SaveAs("output.pdf");
This downloads all images referenced in the HTML. Useful when you need a self-contained PDF.
I built a website archiving tool that converted pages to PDF with all assets embedded.
How Do I Handle Two-Factor Authentication?
You can't automate 2FA with IronPDF — it requires human interaction. Instead:
- Use API tokens: If the site offers API access, fetch data via API and render to PDF
- Session impersonation: Get an authenticated session from a real user (with their consent) and use their cookie
- Render HTML directly: Fetch protected content server-side where you're already authenticated
For example, if you're building a feature where users download their own data, you're already authenticated as that user. Just render the HTML without hitting a URL.
Quick Troubleshooting
PDF contains login page instead of content:
- Verify
LoginFormUrlis the form'sactionURL, not the page URL - Check field names match the form's
nameattributes
Authentication fails silently:
- Test credentials in a browser first
- Check for CAPTCHA or bot detection
- Try using
WebClientto log in manually and inspect responses
Assets missing in PDF:
- Download HTML and assets first with
WebClient - Use absolute URLs in HTML
- Set base URL when rendering
Quick Reference
| Auth Type | Method |
|---|---|
| Network (basic auth) | Set LoginCredentials.NetworkUsername/Password
|
| HTML form | Set LoginCredentials.LoginFormUrl + credentials |
| Cookies | Set RenderingOptions.CustomCookies
|
| Already authenticated | Render HTML string directly |
| MVC views | Render view to string, then to PDF |
Key Principles:
- Avoid logins when possible — render HTML directly
- Use network auth for intranets and basic auth
- Use form auth for public login pages
- Use cookies when you have a valid session
- Never automate 2FA — use API tokens instead
The complete authentication guide covers edge cases like multi-step logins and OAuth.
Written by Jacob Mellor, CTO at Iron Software. Jacob created IronPDF and leads a team of 50+ engineers building .NET document processing libraries.
Top comments (0)