Testing an application that has Multifactor Authentication (MFA) turned on

The purpose of Multifactor Authentication is to defeat bots. Software test automation solutions look like they are bots. All of the MFA implementations depend on human interaction.

To be able to successfully automate testing when MFA is in use usually starts with a conversation with the dev team. The dev team is just as interested in test automation as the test team is and is usually eager to provide “workarounds” to defeat or eliminate MFA in the test environment.

Types of MFA:

  • Enter a code sent to SMS or Email
  • Enter a code from an authenticator app (Windows, Google, etc.)
  • Insert hardware token into the computer
  • Enter something you know, your mother’s maiden name, the last four digits of your passport, etc
  • Geolocation
  • Biometrics

Common solutions to automating tests on applications that use MFA

  1. Disable the feature in the test environment – this has the downside that you are then not testing what the production version of the application will be and the dev team must remember to enable it again in the production version. It also means the MFA must be manually tested.
  2. Store the token where the test automation tool can retrieve it – storing the token in a database is the most common solution. This means the application under test can send the email or SMS, and the test automation script can retrieve the token from the database with an SQL call. This has the advantage that it does not require a special test build and the token will always be hidden behind the firewall when the system goes into production. Appvance IQ can read databases (SQL and non-SQL) from a test script.
  3. Create an API to retrieve the token – this is like number 2. Dev creates a service that the test automation calls to obtain the token. Also does not require a special test build of the application. The endpoint is behind the firewall so no risk of it being compromised. Appvance IQ can call APIs, Services, and Microservices from a test script.
  4. Use the test tool to read the email – most email services have a web version so use the test automation tool to open the email and extract the token. This is a built-in service in Appvance IQ.
  5. Use the tool to run the authenticator app – use the test automation tool to run the authenticator app. That is use cross-platform capabilities in your testing tool to read the authentication code from the authenticator app on a phone app, or Windows app. Appvance IQ supports native mobile and Windows desktop applications.

Appvance IQ (AIQ) covers all your software testing needs with the most comprehensive autonomous software testing platform available today.  Click here to demo today.

Recent Blog Posts

Read Other Recent Articles

In today’s hyper-accelerated release cycles, speed and quality often feel like opposing forces. Traditional testing approaches—manual scripts, record-and-playback tools, or even semi-automated frameworks—simply can’t keep up. They’re slow to create, expensive to maintain, and shallow in coverage. Enter Digital Twin technology, the engine behind Appvance IQ’s (AIQ) ability to deliver 100X faster script generation and

SPEED is everything in the fast-paced digital world. Enterprises can’t afford multi-week QA cycles that slow releases, frustrate customers, and hold back innovation. Yet, for many organizations, that’s still the reality. Traditional testing—laden with brittle scripts, manual updates, and siloed teams—creates bottlenecks that delay software delivery. Enter AI testing. With Appvance IQ (AIQ), quality assurance

In a marketplace flooded with “AI-washed” claims, distinguishing real generative AI from superficial automation is more critical than ever—especially in the high-stakes realm of end-to-end software testing. For organizations evaluating AI-powered testing platforms, asking the right questions can uncover massive differences in capability, scale, and ROI. At Appvance, we’ve engaged with hundreds of QA and

Empower Your Team. Unleash More Potential. See What AIQ Can Do For Your Business

footer cta image
footer cta image