Generate MFA tokens inside your automated tests
Multi-factor authentication is one of the most common reasons end-to-end automation becomes slow, brittle, or “semi-manual”. Teams end up sharing one-time codes in Slack, pausing test runs, or maintaining fragile workarounds.
The Generate MFA token step lets DoesQA act as a real MFA provider inside your tests. You can generate valid, time-based tokens on demand, exactly when your flow needs them, without leaving the run.
This makes MFA-protected journeys fully automatable and repeatable.
Why this step matters
MFA is designed to stop automated access, which is great for security but painful for automation. In practice, it creates:
blocked test runs waiting on a human
shared test accounts that are hard to coordinate
manual steps that break CI reliability
duplicated logic across multiple flows
Generating tokens inside the flow removes those bottlenecks while keeping your real authentication path intact.
What you can do with Generate MFA token
Use this step to:
generate a valid MFA token at the exact point it is needed
support login flows that require time-based one-time passwords
keep automation fully hands-off in CI/CD and scheduled runs
avoid the “send me the code” workflow that slows teams down
It is especially useful for tests that validate critical user journeys like login, account security, and checkout.
Works for both existing and newly enrolled MFA users
This step is flexible enough to support:
Testing existing MFA-enabled users
Use a stored MFA secret to generate a fresh token whenever required.
Testing MFA enrolment as part of the journey
Your flow can register a new user, enable MFA, capture the MFA secret, then generate tokens live for the remainder of the test.
That means you can test real coverage for multiple user paths within your product, including:
returning users with MFA enabled
new users who enable MFA during onboarding
users switching MFA settings
security flows like “re-authenticate to change password”
Pair it with Scan for QR-based enrolment
Many apps display the MFA secret as a QR code. DoesQA can capture that too.
When paired with the Scan step, you can:
scan the displayed QR code
extract the MFA secret
generate valid tokens from it immediately
This is a powerful way to automate real enrolment flows without shortcuts.
Faster collaboration for teams
MFA is not just a CI problem. It slows down humans too.
With token generation built into DoesQA:
automation engineers do not need to message developers for codes
manual testers can log in as shared test users without coordination chaos
debugging stays focused because tokens can be generated while reviewing results
This helps reduce the friction between QA, developers, and stakeholders when authentication is part of the workflow.
Keep security flows realistic without added complexity
A common compromise is disabling MFA in test environments. That removes a critical part of real-world behaviour and hides issues until production.
Generate MFA token lets you keep security in the journey while still keeping your automation fast, repeatable, and reliable.
It is one of the simplest ways to increase meaningful coverage without increasing maintenance or cognitive overhead.