Live Webinar: QA in 2027: How AI Will Transform Testing and Quality Leadership Register Now.
Turn your manual testers into automation experts!Request a Demo

Microsoft SSO with TOTP Setup Using QR Code

Weekly Newsletter
Receive weekly testRigor newsletters packed with insights on test automation, codeless testing, and the latest advancements in AI.
Through Microsoft SSO with TOTP support, testRigor users can automate login flows that require a time-based authentication code during Microsoft SSO authentication. This article explains how to configure the authentication setup, save the QR code, upload it to your test suite, and use it inside a testRigor test case.
Requirements

In order to generate a TOTP code inside your test cases, you must:

  1. Have an application that supports Microsoft SSO.
  2. Have a Microsoft account configured for the application login flow.
  3. Have TOTP-based authentication enabled for the account.
  4. Have access to the QR code used during the TOTP setup.
  5. Have a testRigor account. If you still don’t have one, you can get yours now.
  6. Complete the steps below to set everything up.
Configuration Steps

To use this feature, you need to configure the Microsoft SSO account to use a TOTP-based authentication method, save the QR code used during that setup, and upload the QR code image to your testRigor test suite.

During test execution, testRigor scans the saved QR code image, extracts the TOTP secret, generates the current authentication code, and enters it into the two-factor authentication field.

Step One – Configure Microsoft SSO TOTP Authentication
  1. Start the Microsoft SSO authentication setup for the account that will be used in your test case.
  2. Enable a TOTP-based authentication method for the account.
  3. When the setup page displays a QR code, save the QR code image to a file. You will need this QR code to generate the authentication code inside testRigor test cases.
  4. After saving the QR code image, complete the authenticator setup using a compatible authenticator app.
  5. Finish the setup by entering the code generated by the authenticator app.
  6. At this point, the account is ready to use TOTP-based authentication. The QR code image saved in the previous step can now be used inside testRigor test cases.
Note About Microsoft Authenticator

This article applies to Microsoft SSO flows where a standard TOTP / Software OATH QR code or shared secret is available. Support for Microsoft Authenticator’s proprietary enrollment flow has not yet been released. If your Microsoft Entra configuration does not expose a QR code or shared secret, ask your administrator to enable Software OATH / standard TOTP for the test account, or disable MFA for dedicated test accounts in the testing environment.

Step Two – testRigor Setup
  1. Login to your testRigor account.
  2. Create or access the suite where you want to test the Microsoft SSO authentication flow.
  3. Click on “Test Data”.
  4. Click on “Add”.
  5. In the type field, select “File”.
  6. Enter a name to reference the QR code image in test cases. In this example, the QR code file is referenced as:
    qrCode
  7. Upload the QR code image file and save it.
  8. Now you are able to use the QR code image inside your test case to generate the TOTP code.
Step Three – Use the QR Code in a Test Case

The example below shows a Microsoft SSO login flow where the application asks for a two-factor authentication code after the Microsoft login is completed.

click "Microsoft"

check that page contains "Sign in"
enter stored value "username" into "Email"
click "Next"

check that page contains "Send code"
click "Other ways to sign in"

check that page contains "Use your password"
click "Use your password"

type stored value "password"
click "Next"

check that page contains "Stay signed in?"
click "Yes"

check that page contains "two-factor"
scan qr code value from stored value "qrCode" and save as "code"
extract value by regex "(?<=secret=)[A-Z0-9]+" from saved value "code" and save it as "secret"
generate totp code using saved value "secret" and save it as "2faCode"
enter saved value "2faCode" into "Two-Factor Authentication Code"
enter enter

check that page contains "Recents"
How It Works

The QR code used during TOTP setup contains an otpauth://totp/... value. testRigor scans the QR code image saved in Test Data and saves the decoded value as code.

scan qr code value from stored value "qrCode" and save as "code"

The decoded QR code value contains the TOTP secret. The following command extracts the secret and saves it as secret.

extract value by regex "(?<=secret=)[A-Z0-9]+" from saved value "code" and save it as "secret"

After the secret is extracted, testRigor generates the current TOTP code.

generate totp code using saved value "secret" and save it as "2faCode"

Finally, testRigor enters the generated code into the two-factor authentication field.

enter saved value "2faCode" into "Two-Factor Authentication Code"

This allows the test case to complete the Microsoft SSO login flow without manually opening an authenticator app during every test execution.

Notes
  1. The QR code image must be uploaded to testRigor Test Data as a file.
  2. The stored value name used in the test case must match the name used when uploading the QR code image. In this example, the name is qrCode.
  3. The generated TOTP code is time-based, so testRigor generates a fresh code during the test execution.
  4. Field names and button labels may be different depending on the application being tested. Update the test case steps to match your application.
  5. This approach works when the authentication setup provides a QR code or shared secret. Microsoft Authenticator proprietary enrollment support has not yet been released.
Related Articles

How to Use Approval Workflow for Test Cases

A lot of our customers and ourselves are using approval workflow for test cases that is designed to mimic GitHub workflow for ...

testRigor Integration from TestRail’s End

At testRigor, we make it easy for teams to bring Gen AI-powered test automation into the tools they already use. This guide walks ...
Privacy Overview
This site utilizes cookies to enhance your browsing experience. Among these, essential cookies are stored on your browser as they are necessary for ...
Read more
Strictly Necessary CookiesAlways Enabled
Essential cookies are crucial for the proper functioning and security of the website.
Non-NecessaryEnabled
Cookies that are not essential for the website's functionality but are employed to gather additional data. You can choose to opt out by using this toggle switch. These cookies gather data for analytics and performance tracking purposes.