In this article we will cover different alternatives to create a setup for monitoring or testing Futurae authentication for your application.
The test setup may be used to run manual or automated test routines, or for monitoring the Futurae according to your requirements.
The status page enhances the visibility and transparency of all Futurae services and allows customers, partners, and the general public to stay constantly informed about any incidents.
The type of announcements vary from informational to maintenance reporting and are organized by the Futurae services:
- API (including Auth API, Admin API, SMS, Status Callbacks, and Push Notifications)
- Futurae Admin
Ping Server endpoint
The Ping Server endpoint implements an HTTP API which provides a way to verify the Futurae backend responsiveness. By calling this endpoint and obtaining a successful 200 OK response, you may assume that the Futurae backend application is up and running, and reachable from the host that is sending the request. Having said that, this endpoint is a reliable way to health check the Futurae service status.
Pros Easy to implement, ideal to implement a simple Futurae service health check mechanism.
Cons Lacks flexibility as it is limited to health check routines. Not useful for testing your Futurae integration.
Test user authentication with bypass mode
A user whose status is “bypass”, as the name suggests, will bypass the Futurae authentication, consequently any authentication attempt performed by this user will be automatically allowed.
This alternative is particularly useful to build a test suite which includes authentication attempts, without the need to worry about how to approve them from an authenticator app.
You may set the user status to “bypass” using the Modify User endpoint available on the Futurae Auth and Admin API
Alternatively, the user status may be updated to “bypass” in Futurae Admin under the “Users” menu, by selecting the respective user and clicking the three dots button followed by “Enable Bypass”.
Pros Effective for Futurae service health check and backend communication testing.
Cons Not ideal for properly testing your Futurae integration.
Test user authentication with one-time code
One-time codes are random numerical digit codes, with a configurable length and validity that the user may use only once, in order to successfully authenticate using Futurae. One-time authentication may be used to automate authentication test cases. The One Time passcode can be created and used in an automation attempt without the need of a manual confirmation through an authenticator application.
This authentication method may be easily adapted in 2 steps:
- Generate the one-time code for a test user
- Perform a successful authentication using the Futurae Auth API and providing the generated one-time code. This should successfully authenticate the test user
Pros May be used for manual and automated tests, as well as for monitoring purposes. No app-based authentication is required, however an actual authentication is performed.
Cons Slightly more complex to implement compared to using the bypass option.
Mock the Futurae API interfaces
A simple and recommended way to get around Futurae authentication when building automated tests for your application, is to mock the Futurae API interfaces. When opting for this approach, instead of your application making calls to the real Futurae backend, these calls are directed to your mock application. Your mock application may be configured to reply on behalf of the Futurae backend, and return a predefined response to each call that your application would otherwise make to Futurae. This allows automated testing of the backend integration without the requirement of an actual authentication session on the Futurae backend.
You may either develop your own mock application or use any existing tools and frameworks for that.
Pros Very flexible as you have full control of the mock application. Ideal for automated testing of the Futurae integration of your application.
Cons Requires some time to set up or develop the mock application.
Create a test app
This alternative is more complex and time consuming when compared with the others, yet it is more flexible. You may use the Futurae mobile SDK to create a test app in which you can approve or reject the authentication sessions created during your tests.
This alternative may be used for manual testing, by enabling the authentication session to be approved manually, or automatically in case that you program your app to automatically accept or reject the authentication attempt.
Pros Very flexible and may be used for manual and automated tests, as well as for end-to-end monitoring, although there are caveats that you need to take into account (for example, what if the push notification does not arrive in time?).
Cons Requires more effort to build.
Please sign in to leave a comment.