If it is necessary to use 2FA on the tested app or website, authentication can be performed by saving an authentication key to MagicPod.
Supported authentication methods
By using an authentication application such as Google Authenticator or Authy to read the QR code, you can enter the passcode displayed in the application to log in, as long as it is the correct type of authentication.
Authentication using email can be automated by retrieving the code from a sent email. Please refer to this page to set up email test automation.
Authentication using SMS is not supported.
Method of use
Obtain and register authentication key (One-time Setup)
Start the 2FA setup process in the target app or website, and display the screen prompting you to scan a QR code. If available, click a link such as "Can't scan it?" to display a string in place of the QR code. This string is the authentication key.
If such a link is not provided, you can scan the QR code using a smartphone to obtain the same authentication key string.
If a third party obtains this authentication key, they could generate valid passcodes and bypass authentication. Please handle it with care.
Complete the 2FA setup by scanning the QR code with your authentication app and entering the generated passcode as usual. You may delete the registration from the authentication app afterward, as long as the connected information remains on the app or website side.
Generate and use passcodes for test cases
Passcodes for two-factor authentication are updated at regular intervals and must be re-created each time a test is run. For this purpose, use the dedicated command “Store 2FA passcode”.
This command has two parameters: “Variable” and “Key.”
-
Set “Key” to the authentication key string obtained during the one-time setup.
-
Set “Variable” to any variable name you want to use to store the generated passcode.
The generated 6-digit passcode will be saved in the specified variable. In the example below, a code like "123456" is stored in a variable named "PASSCODE", which is then entered into the appropriate input field on the screen.
If you enter the key directly, it will stay in the test case and log, so please set it to a secret shared variable so that it is not directly visible.