This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

synthetic monitoring an application that passes through OKTA (http or browser synthetic monitoring)

Go to solution
ckumlien
Contributor

‎09 Oct 2020 09:17 PM

Can anyone share your experience with me regarding monitoring synthetic URL's that sit behind OKTA Authentication? The authentication sends verification code to a phone number and I don't know how to capture that and place it into the monitor. Has anyone actually made this work?

If it were not a random code, a voicemail on a dedicated number could authenticate. Since it is a random code, that no longer will work.

Reply
4 REPLIES 4

Go to solution
AntonioSousa
DynaMight Guru
DynaMight Guru

‎10 Oct 2020 06:50 PM

I have been looking into OKTA, but from the HTTP monitor perspetive, and no 2FA. 2FA is always particularly difficult to script...

Antonio Sousa
0 Kudos
Reply

Go to solution
skanchalwar2
Guide
In response to AntonioSousa

‎05 Aug 2021 03:53 PM

If we can bypass 2FA for the dummy user, will Synthetic able to login into Okta and reach the app?

0 Kudos
Reply

Go to solution
AntonioSousa
DynaMight Guru
DynaMight Guru
In response to skanchalwar2

‎05 Aug 2021 04:07 PM

I have not tried hard to get this working, as it takes a lot of actions, which has a great impact on DEM consumption. But I would say so to your question.

Antonio Sousa
0 Kudos
Reply

Go to solution
HannahM
Dynatrace Leader
Dynatrace Leader

‎12 Oct 2020 10:15 AM

Is there an API we could use to get the verification code from? If you have the code that generates the 'random' code, could we add that to a javaScript event to generate it through the script? Can the code only be sent to sms, could you use an a webmail account that you could check as part of the monitor?
Alternatively, if you are not specifically testing that 2FA works can you add something into your application that checks for our User Agent string and if it's included skips the 2FA.

Synthetic SME and community advocate.
0 Kudos
Reply
Ask a question

Featured Posts