Lokesh
asked on 10 Aug 2021, 01:14 PM
| edited on 10 Aug 2021, 01:16 PM
My client's company is putting Microsoft authenticator in every application access through external network. In order to automate I need to get the Code which is randomly generated by authenticator.
Let me know how to automate that using Telerik Test Studio.
In our application we have similar functionality. We use Google Authenticator but I think it's basically the same.
We've built a custom assembly with functionality that generates the 'authenticator' code. We used this nuget package for that: https://www.nuget.org/packages/OtpSharp/ For this you need to have access to the user's secret which is probably stored in database from the custom assembly.
This functionality can then be called from a coded test if you include the custom assembly in your project.
1 Answer, 1 is accepted
0
Elena
Telerik team
answered on 11 Aug 2021, 07:52 AM
Hello Lokesh,
I have to admit that two factor authentication is a challenging scenario for any test automation tool. Usually this consists of any third party tool - SMS, email, phonecall or a mobile app, which is not accessible from the web test and computer you work on. So the only option remains to manually confirm the login via the third party tool.
You mentioned that you need to use the Microsoft Authenticator application, which is running on a mobile device. The mobile device, though, cannot be accessed through Test Studio tests and the code cannot be retrieved in the test runtime.
In the general case we recommend to use dedicated testing user accounts for the overall automation process. These dedicated accounts should login without the two factor authentication and allow the automation tests to run flawless.
I hope this information will be helpful to find the best way to address this with your client.
Regards,
Elena
Progress Telerik
The Test Studio R2 2021 release is out now! Register for the live release webinar on August 26 at 11 am ET | 5 pm CET and be among the first to get a preview of the fully revamped Step Failure Details in Test Studio.
In our application we have similar functionality. We use Google Authenticator but I think it's basically the same.
We've built a custom assembly with functionality that generates the 'authenticator' code.
We used this nuget package for that: https://www.nuget.org/packages/OtpSharp/
For this you need to have access to the user's secret which is probably stored in database from the custom assembly.
This functionality can then be called from a coded test if you include the custom assembly in your project.