E2E testing with MFA

We are trying to implement automated tests that require users to be authenticated with Okta.
Our application is a public SPA. Our Okta admin panel only shows client_id, no client_secret.

Our goal is running fully automated E2E tests with Playwright, so MFA needs to be automated or circumvented somehow.

Our security team will not allow creating an account without MFA, as was suggested in one of the answers from Okta support.

Could you please suggest a solution or point me to some documentation that explains how I can set up such automation?

Hello @kwrmn,

If you need to test sign-in automation without disabling MFA in your policy, you’re likely going to need to use our API to step your automated users through it. Depending on the factor and the edition of your Okta org, you can use the MFA Authn API (Classic): Authentication | Okta Developer or Direct Auth (OIE): Configure Direct Authentication grant types | Okta Developer

If this needs to be done in a consistent manner outside of automated authentication testing, you might consider an M2M flow if user context is not necessary using Client Credentials Grant Type: Implement authorization by grant type | Okta Developer
