Open Closed

Best way to do automation testing against Backend API #9995

User avatar
0
DominaTang created

When an tenant has 2FA enabled, it's not able for automation API testing. So when a tenant has 2FA enabled, could particular user account has it disabled? If yes, which database table shall I check the value? Is there admin UI for it?

Or do you have any other better idea for backend API automation testing?

Go to accepted answer
6 Answer(s)
  • User Avatar
    0
    AI-Bot created
    Support Team ABP Agent

    • Yes, in ABP, even if a tenant has 2FA enabled or enforced, you can disable 2FA for a specific user account. This allows you to perform automation API testing with that user while keeping 2FA enabled for others.

    • You can manage this via the admin UI:

      1. As a tenant admin, go to the Identity > Users page (/Identity/Users).
      2. Select the user you want to configure.
      3. Edit the user and set the "Two Factor Enabled" option to off/disabled for that user.

    • In the database, the relevant value is stored in the AbpUsers table, in the TwoFactorEnabled column. Setting this column to false for a user disables 2FA for that user, regardless of the tenant-wide setting.

    • This approach is recommended for backend API automation testing: create a dedicated test user with 2FA disabled, while keeping 2FA enabled for real users.

    Sources:

    This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.

  • User Avatar
    0
    DominaTang created

    For above test account, could user password set to never expire?

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    Hi DominaTang,

    Before answering your question, I would like to ask you a question. In which environment do you run your automation tests? Do you run them on the live application or do you have a test environment where you run them?

  • User Avatar
    0
    DominaTang created

    We are using QA environment for automation test.

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    You can configure longer token lifetimes in your QA environment using the following example:

    #if QA_BUILD
   PreConfigure<OpenIddictServerBuilder>(builder =>
    {
        builder.SetAuthorizationCodeLifetime(TimeSpan.FromDays(365));
        builder.SetAccessTokenLifetime(TimeSpan.FromDays(365));
        builder.SetIdentityTokenLifetime(TimeSpan.FromDays(365));
        builder.SetRefreshTokenLifetime(TimeSpan.FromYears(2));
    });    
#endif

    For more details, please check the documentation here: https://abp.io/docs/latest/modules/openiddict#setting-tokens-lifetime

  • User Avatar
    0
    DominaTang created

    thank you very much it's very helpful.

    1
Assignee
User avatar berkansasmaz
Question details
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.1.0-preview. Updated on October 21, 2025, 11:36