MailSlurp logo

Auth flow testing

Prove OTP and MFA workflows before release

Use MailSlurp to validate signup, password reset, magic links, SMS OTP, and MFA recovery with real messaging channels and deterministic waits.

Start freeAuth testing docs
Authentication testing for OTP, MFA, and magic links

Trusted by teams shipping customer messaging

  • Broadcom
  • Scraper
  • Trivago
  • Avast
  • Wolt
  • Panasonic

Auth testing capabilities

Test the evidence your auth flow actually depends on

Provision real channels, wait for the message that matters, extract the code or link, and prove the account path completed under realistic conditions.

Fresh inboxes and phone numbers per run

Create isolated email addresses and SMS numbers for signup, reset, OTP, and MFA scenarios so auth tests do not share state.

Wait APIs for links, codes, and message timing

Block until the matching email or SMS arrives, then assert delivery timing, sender, subject, and OTP content without sleep-based retries.

Virtual TOTP devices and QR enrollment

Create programmable authenticator devices, capture QR setup, and generate rolling TOTP codes inside CI and browser tests.

Cross-channel auth assertions in one stack

Cover magic links, email OTP, SMS OTP, recovery, and MFA fallback with one evidence model across staging and release gates.

Authentication testing

Key workflows

Broken OTP, magic-link, MFA, and recovery flows create immediate support load and conversion loss. Real inbox and SMS evidence belongs in every release gate for account access paths.

Workflow 01

Test TOTP and MFA device enrollment

Validate QR setup, TOTP generation, and enrollment steps without manual device handling in your QA flow.

Explore TOTP testing
MailSlurp product workspace showing email, phone, dashboard activity, and developer automation
MailSlurp product workspace showing email, phone, dashboard activity, and developer automation

Workflow 02

Assert real email and SMS auth traffic

Wait for codes, links, and recovery messages across inbox and phone workflows in CI or staging.

Explore testing APIs

Workflow 03

Pair inbox and number workflows in one auth test stack

Use the same platform to cover email OTP, SMS OTP, magic links, and recovery paths without mixed tooling.

Explore SMS APIs
MailSlurp product workspace showing email, phone, dashboard activity, and developer automation

Developer integration

Drop message assertions into Playwright, Cypress, Selenium, or CI

Use SDK helpers inside your existing test runners instead of building mailbox polling and parsing from scratch.

CSharpCSharpCypressJSCypressJSGoGoGraphQLGraphQLiOSiOSJavaJavaJavascriptJavascriptKotlinKotlin
  • Wait for matching email or SMS in test code
  • Extract links, codes, and headers for assertions
  • Run the same patterns locally and in CI
Open docs

Next step

Start with signup or docs

Use the free account to validate the workflow in your own stack, then move into implementation details in the docs.

Start freeAuth testing docs