If it is necessary to use 2FA on the tested app or website, authentication can be performed by saving an authentication key to MagicPod.
Supported authentication methods
By using an authentication application such as Google Authenticator or Authy to read the QR code, you can enter the passcode displayed in the application to log in, as long as it is the correct type of authentication.
Authentication using email can be automated by retrieving the code from a sent email. Please refer to this page to set up email test automation.
Authentication using SMS is not supported.
Method of use
Register authentication keys (first time only)
Register the authentication key to the target app/website, and save it locally. The method for generating and registering keys differs for each application and site. Here, we shall use GitHub (https://github.com) as an example. Change the target as necessary when using it in each respective case.
Navigate to the "Account Security" section of the GitHub settings page, and click "Enable two-factor authentication" to open the screen for setting up two-factor authentication.
Next, click “Set up using an app,” and select the authentication used by the app.
When the QR code is displayed as in the following figure, click the “enter this text code” link to display the character string for registration. This is the same character string as that resulting from reading the QR code. On most sites, the link is displayed alongside the QR code; however, if there is no link, you can acquire the same character string by reading the QR code with a barcode reader.
For GitHub, the following type of character string will be displayed. This is the key to passing two-factor authentication with MagicPod, so please make a copy of it and keep it with you.
Anyone who knows the value of this key will be able to calculate and crack the two-factor authentication code, so please handle with care.
Finally, as with the normal two-factor authentication settings, you can read the QR code in the verification application and enter the passcode displayed to complete the two-factor authentication registration process. You may delete the information registered in the application for authentication purposes. It is acceptable as long as the link information remains on the authenticating party's app/website (in this case, GitHub).
Generate and use passcodes for test cases
Passcodes for two-factor authentication are updated at regular intervals and must be re-created each time a test is run. For this purpose, use the dedicated command “Generate and store MFA passcode”.
This command has two parameters: “variable” and “key”. For "key," set the string you copied earlier (or obtained from the QR code), and for "variable," set an arbitrary variable name. If you do this, the 6-digit passcode generated from the key shall be saved in the set variable. The example below shows a case in which the code (here "123456") is stored in the variable PASSCODE, and entered in the required input column on the screen.
If you enter the key directly, it will stay in the test case and log, so please set it to a secret shared variable so that it is not directly visible.