If you want to have TOTP-based authentication using 3rd-party Authenticator apps like Microsoft Authenticator, follow the steps in this article to allow automation logic to acquire verification code when the test is running. The login user id which is used in your test cases should be configured for MFA authentication as described in this article.
Setting up Salesforce MFA
- Login to Salesforce and Navigate to Setup > Users > Users > Choose the user for which you want to set up MFA.
- If you have already registered via a 3rd party Authenticator app (Google Authenticator, Microsoft Authenticator, etc.) under App Registration: One-Time Password Authenticator then click the disconnect link. (If you don't have any existing 3rd party MFA enabled proceed to step 3)
- Click Connect link for "App Registration: One-Time Password Authenticator"
- Enter the verification code that is sent to your registered email ID and click Verify button.
- Download and install the desired authenticator app(Microsoft Authenticator, Google Authenticator, etc) on your mobile phone. And scan the QR Code and add the account.
- Click the "I Can't Scan the QR Code" Link and Copy the Secret Key. We will need this secret key later to be used in the Action logic.
- Enter the Verification Code generated in the Authenticator App(On your mobile) and click the "Connect" button
- You should now be logged into Salesforce.
Extracting verification code in Action logic
When the application-under-test is set up for multi-factor authentication, you will need to enter a verification code as part of the login process. When you write the logic for Login Action in ACCELQ, insert statements to find and use security code as demonstrated below.
Command: Generate MFA Token from Key
In this command, you will utilize the security key saved in the setup steps. This parameter is encrypted as you type into your Action logic, and hence secure.
In the example below, a typical login process is followed by extraction of the verification code and then applying this code in the application field.