Managing Projects
Create projects, switch between the eight tabs, configure tokens and login scripts, set up environments, manage team roles, and delete safely.
Managing Projects
A project in AegisRunner is one website (or one environment of one website). Every scan, suite, run, and integration belongs to a project. This guide covers creating projects, the eight tabs on a project page, and per-project configuration like login scripts and environments.
Plan limits
| Plan | Projects | Team members per workspace |
|---|---|---|
| Free | 1 | 1 |
| Starter | 3 | 1 |
| Pro | 10 | 5 |
| Business | 25 | 15 |
| Enterprise | Unlimited | Unlimited |
If you need a separate project for staging vs. production of the same site, that counts as two projects.
Creating a project
Click Projects in the sidebar, then + New Project.
- Name (required) — what you'll see in the sidebar.
- Base URL (required) — the starting URL for scans, including the protocol (
https://) and no trailing slash. - Description (optional) — a one-liner so teammates know what this project covers.
The Scan immediately after creating checkbox is on by default. With it on, the first scan kicks off as soon as the project is saved — usually fastest path to seeing tests. Uncheck it if you want to configure environments or login scripts first.
Click Create Project. You'll land on the project detail page, where the rest of this guide picks up.
- Always include
https://(orhttp://). - No trailing slash.
- Use the URL where your real users land. The scanner will follow links from there.
- If your site is behind a login, you'll add a login script under Project Config after creating the project.
The project page tabs
Each project has eight tabs across the top:
| Tab | What's there |
|---|---|
| Tests | All test suites for this project, with run buttons and pagination. |
| Recent Runs | The latest test runs in this project. |
| Trends | Pass-rate trend chart, slowest tests, runs over time. |
| Scans | Every scan that's been run on this project. |
| Recommendations | Cross-scan recommendations — accessibility, SEO, security, performance — sorted by severity. |
| Team | Project members, roles, and the invite flow. |
| Integrations | CI tokens, webhooks, deployment hooks, issue trackers, notification channels. |
| Project Config | Project metadata, test environment, AI settings, danger zone (delete). |
Tab state is in the URL — share ?tab=integrations&sub=cicd to deep-link a teammate straight to the CI/CD setup.
Project Config
Settings
- Name and Description — same fields as the create form. Editable any time.
- Base URL — change carefully. If you have a baseline, changing the base URL invalidates it.
- Slug — auto-generated, used in URLs. You can edit it.
Test Environment
This is where you configure how scans and tests authenticate. Four sub-tabs:
| Sub-tab | What you put there |
|---|---|
| Tokens | API keys, bearer tokens, bypass tokens. Available to test steps as {{TOKEN_NAME}}. |
| Cookies | Pre-auth cookies. The scanner injects these before navigation, so your tests can reach pages behind a login without re-doing the login flow every run. |
| Headers | Custom HTTP headers applied to every request — useful for debug flags, version pinning, or tagging traffic in your logs. |
| Login | A Playwright-style script that runs before each test session. Templates included for username/password, Google OAuth, Microsoft SSO, Auth0, and Okta. |
{{LOGIN_USER}} / {{LOGIN_PASSWORD}}.
Environments Pro+
Pro and Business plans support multiple environments per project (e.g. staging, preview, production). Each environment can override:
- Base URL
- Tokens, cookies, headers, login script
- Bypass tokens for bot-detection middleware
Pick the environment when starting a scan or running tests. CI triggers can target a specific environment too.
AI Config
- Custom prompt — extra instructions for AI test generation (e.g. "prefer ARIA roles over CSS classes", "never assert on user-generated content").
- BYOK (Bring Your Own Key) — Starter and above can use their own OpenAI / Anthropic / OpenRouter API key for AI generation. The key is stored encrypted and never leaves AegisRunner.
- Model selection — pick which model is used for test generation, scenario planning, and triage.
Baseline
- The current baseline scan, with link to the scan result.
- Buttons to clear the baseline, view the manifest, or set a new baseline.
- See Baseline Replays.
Danger zone
At the bottom of Project Config:
- Archive — hides the project from the main list but keeps all data. Reversible.
- Delete — soft-deletes the project. Scans, suites, runs, and integrations all become inaccessible. The owner can restore within 30 days; after that it's permanent.
Team and roles
The Team tab shows project members. AegisRunner has two role layers:
Organization roles
| Role | What they can do |
|---|---|
| Owner | Everything — billing, deleting projects, managing the org. |
| Admin | Manage projects and members, but not billing. |
| Member | Use whatever projects they're added to. |
| Viewer | Read-only across the workspace. |
Project roles
| Role | What they can do in this project |
|---|---|
| Owner | Everything in the project, including deleting it. |
| Admin | Edit settings, run scans, run tests, manage members. |
| Member | Run scans and tests, view results. |
| Viewer | Read-only. |
Add existing org members to a project from the Team tab. Invite new people via Settings → Team; invitations expire after 7 days. See Roles & Permissions.
Integrations (per project)
Each project gets its own:
- CI trigger token — for kicking off scans / runs from your pipeline. CI/CD setup.
- Deployment webhooks — Vercel, Netlify, GitLab, generic. Auto-trigger scans on deploy. Deployment webhooks.
- Outbound webhooks — HMAC-SHA256-signed callbacks on run completion.
- Notification channels — email / Slack / Discord / Teams. Filter per channel by event type. Notifications.
- Issue tracking — GitHub Issues or Jira, auto-create on failure. Issue tracking.
Selecting and switching projects
Click any project card on the Projects page to select it. The selected project becomes the context for the dashboard, the Scan modal, the Test Suites page, and most other places. Switch projects from the sidebar selector.