cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Synthetic Browser Monitors with MFA

karthik_laddipe
Frequent Guest

We are soon going to have MFA enforced on all customer logins to our portals. This MFA is a regular OTP that goes to user's as SMS or Email. 

From security stand point there is no way we can allow the user leveraged for synthetic checks to bypass MFA, there is no way to allow certain source ip's to bypass MFA and there is no way we can obtain MFA via API.

We have ruled out all work around possibilities that other Dynatrace customers have used.

Is there any solution that is going to be made available on the tool itself to address this like for example we could have a generic email or phone number that we can register as a email or phone number of the user/service account leveraged for that script and there could be an in-built mechanism that just reads from those inboxes and updates OTP where needed?

1 REPLY 1

Julius_Loman
DynaMight Legend
DynaMight Legend

There is no generic solution, as MFA implementations vary. In general, you can use JavaScript in your Synthetic tests to obtain the second factor. But it really depends on how you can get to the second factor value. (You use authenticator, some app, email, SMS, ... )  In general, there are libraries, which allow you to generate TOTP. But if you use some proprietary solution as as Cisco duo, RSA, PingID, Mobile pass or a custom one, your options get limited.

MFA is there exactly for disallowing bots such as synthetic tests 🙂 The most straightforward solution is to disable MFA for user used in synthetic tests. 

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner

Featured Posts