Test User Management

Descope supports the ability to test end-to-end authentication via test users. Test users can be used to test OTP via email, SMS, or voice, Magic Link via email or SMS, and Enchanted Link via email. Utilizing test users, you can generate OTP codes and Magic or Enchanted link tokens for test users directly without integrating with SMS, voice, or email through the Descope API and SDK. Once you have the generated code and token, you will verify them with the related OTP, Magic Link, or Enchanted Link verification functions in the SDK or API.

Test users are not audited, counted as active users, or monitored within your analytics.

Creating Test Users

Descope API or SDK

Test users can be generated via the Management SDK's Create Test User function or by the management API Create User function. When creating the test user via the API, you must ensure you pass the test=true attribute.

Dynamic Test User creation

Descope allows you to dynamically create test users based on a configured email address regex. This allows you to test your just-in-time user creation during the sign-up-or-in process within your flows or other testing. When the email matches this regex, the user will be created as a test user. You can configure and test this regext within the Test Users section within the Project Settings area of the Descope console.

After the user initiates the authentication process as a dynamic test user, the same SDK and API endpoints for generating OTP, magic links, etc. for test users, are still applicable to the dynamically created test user.

Note

It is essential to monitor and clean up your dynamic test users as it could quickly reach the Test User Limits.

Descope dynamic test user regex configuration and test

Test User in User Management

Once the test users have been created, they can be viewed in the users table in the Descope console. A column "Is Test User" is part of the table where you can see the label against test users.

Test Users in user console

Descopers can also use advance filter option to view the test user with the condition as shown below. This will help list out all existing test users in the table.

Test Users using Filter

Test User Verifiers

When utilizing test users for MFA, it is recommended to generate OTP codes for flows involving email or phone OTP. In scenarios where access to a test user's email or phone is unavailable, you can set static OTP codes for test users that match a regex pattern.

In the Project Settings under Test User, you can enable Static OTP codes. The regex pattern is tested against the verifier to help narrow the access to static codes. Note that a warning will appear when enabling Static OTP codes.

This is an insecure method and is only recommended when generated OTP codes are not viable for testing. Therefore, this setting is ignored during imports and exports and is excluded from production environments.

Static OTP for test user with regex for verifier

Test User Limits

Free tier plans are limited to 5 test users per project. Pro-tier plans allow for 100 test users per project. Learn more about upgrading your tier within our pricing overview.

When the maximum number of test users has been reached, the user will be presented with the below error:

{
  "errorCode": "E111111",
  "errorDescription": "Failed to create user",
  "errorMessage": "... [E013002] Failed to create record [error: [E013002] Test users limit exceeded]",
  "message": "... [E013002] Failed to create record [error: [E013002] Test users limit exceeded]"
}

Test User JWT

When utilizing test users, their JWT can be identified by the "tu": true immutable claim.

{
  "amr": [
    "email"
  ],
  "drn": "DS",
  "exp": 1696964429,
  "iat": 1696963829,
  "iss": "xxxxx",
  "rexp": "2023-11-07T18:50:29Z",
  "sub": "xxxxxx",
  "tu": true
}
Was this helpful?

On this page