How can I have Google Cloud Security Scanner log into my app?

[Joshua Fox יהושע פוקס‎]

I'd like to have  Google Cloud Security Scanner authenticate against a webform in my GAE app. 

I asked it to authenticate against a "Non-Google Account" -- in other words, user-name/password fields in my webapp. However, I get back the message "Could not sign in using the provided username and password" each time.

(I tried it several times, specifying different user-agents and credentials and against two variants of my login page; and of course confirming that the credentials work when typed in manually. I have the necessary Editor-level permissions on the Google Cloud project.)

What do I need to do to get the Scanner to authenticate?

P.S. Also asked on StackOverflow, but no answer there so far.

[Adam (Cloud Platform Support)]

I posted an answer to the Stack Overflow question. Since login form support is in development it may sometimes fail to work, so creating an alternate simplified form may be one solution. Unfortunately the docs don't give any details about how it attempts the login, but logging HTTP requests to the login page may give some insight.

[Joshua Fox יהושע פוקס‎]

Thank you. The entire page, including the login form, is built in Ajax, and so the form is not present when the Scanner's browser first requests it. The Scanner's browser would have to wait a moment for the Ajax to build the login form.

This may be the source of the problem.