Automated API Testing Strategy for Services using SMS-based Two-Factor Authentication (2FA) in Postman
An example using the Github API and Twilio as an SMS provider to demonstrate how to set up an automated REST API testing scenario in Postman or Newman.
As 2FA gets adopted by more and more providers, it has become a universal necessity to automatically test APIs that use this additional security feature.
Do not let 2FA hinder you from automating your tests. This tutorial takes a straightforward scenario implemented using the Github API and shows how automation could look like in this case. While this is just an example, the concept behind it can be re-used for other implementations.
A world without 2FA
Let’s first take a look at the following scenario implemented in Postman. It uses the Github API to create a new repository, to add a new issue and eventually to delete the repository that was just created. It is a straightforward workflow that uses the power of Postman to send the needed requests and to make the necessary assertions that ensure the API works as expected.
Feel free to import the collection, add your own Github credentials as collection variables…