cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

synthetic monitoring an application that passes through OKTA (http or browser synthetic monitoring)

ckumlien
Participant
Can anyone share your experience with me regarding monitoring synthetic URL's that sit behind OKTA Authentication? The authentication sends verification code to a phone number and I don't know how to capture that and place it into the monitor. Has anyone actually made this work?

If it were not a random code, a voicemail on a dedicated number could authenticate. Since it is a random code, that no longer will work.

4 REPLIES 4

AntonioSousa
DynaMight Leader
DynaMight Leader

I have been looking into OKTA, but from the HTTP monitor perspetive, and no 2FA. 2FA is always particularly difficult to script...

Antonio Sousa

If we can bypass 2FA for the dummy user, will Synthetic able to login into Okta and reach the app?

I have not tried hard to get this working, as it takes a lot of actions, which has a great impact on DEM consumption. But I would say so to your question.

Antonio Sousa

HannahM
Dynatrace Pro
Dynatrace Pro

Is there an API we could use to get the verification code from? If you have the code that generates the 'random' code, could we add that to a javaScript event to generate it through the script? Can the code only be sent to sms, could you use an a webmail account that you could check as part of the monitor?
Alternatively, if you are not specifically testing that 2FA works can you add something into your application that checks for our User Agent string and if it's included skips the 2FA.