Skip to content

Account creation for automated testing

Trimble Identity needs to implement bot control. Bot control will impede automated testing efforts.

To accommodate automated user testing, we will provide a non-bot controlled sign-in page specific to automation accounts. You request automation accounts via Trimble Identity’s support team.

This functionality is not available to external customers.

To request a testing automation account, please open a support request.

This article assumes a comprehensive understanding of the OAuth 2.0 authorization code workflow. For more information about grants in Trimble Identity, please refer to the documentation.

For rollout timelines and other questions, see FAQ.

We already support the concept of a “federation.” Federations enable end users to sign in using existing accounts, such as “Sign in with Google.” Often these federations are business-to-business configurations that allow our partner organizations’ users to sign in with their credentials. To target a federated sign-in, the authorized request must contain an Identity_provider parameter in the query string.

To support automated testing efforts while keeping Trimble Identity secure from bots and scripted attacks, we will leverage our federations to provide an automation-testing-only federated identity. This federation will only include accounts with a presently fake @trimbleautomation.com domain.

The federated sign in page will not have any bot-control enabled. This will allow current automation testing to continue functioning similarly to the current approach.

We can isolate automation accounts from regular user accounts by maintaining test account credentials in a different user pool. Automation accounts must be requested via support; thus, Trimble Identity controls password length and complexity. No self-service options exist for managing automation accounts.

Once a test automation user’s username and password are acquired, calls to the /oauth/authorize endpoint can target the automation user pool login by adding identity_provider=trimble_automation to the query string.

Only preconfigured test accounts can be used to sign in. Other Trimble Identity user credentials will not authenticate.

Any frameworks which work against Trimble Identity should continue to work for automation testing.

The test automation suite will start up a headless browser so it is recommended that the browser be opened to its maximum size for easier navigation.

driver.maximize_window()
options = webdriver.ChromeOptions()
options.add_argument("--start-maximized")

The automation sign-in page will have two forms which contain:

  • A username form element with the ID signInFormUsername
  • A password form element with the ID signInFormPassword
  • A button form element with the ID signInSubmitButton

The two forms are available in DOM and its visibility is resolved using viewport breakpoints

The following Python snippets reflect logging into the automation user pool:

username_input = driver.find_element(by='id', value='signInFormUsername')
password_input = driver.find_element(by='id', value='signInFormPassword')
submit = driver.find_element(by='name',value='signInSubmitButton')
username_input.send_keys(automation_username)
password_input.send_keys(automation_password)
submit.click()

If the code is run in a headless client, the webdriver fails in identifying the element by id. We recommend using xpath in such cases to run the script.

index = 1 if driver.get_window_size().get('width') < 992 else 2
# The index is set based on the viewport where value is resolved as 1 for modes extra-small and small; and as 2 for modes medium
username_input = driver.find_element(b  y='xpath', value='(//input[@id="signInFormUsername"])['+ str(index) +']')
password_input = driver.find_element(by='xpath', value='(//input[@id="signInFormPassword"])['+ str(index) +']')
submit = driver.find_element(by='xpath',value='(//input[@name="signInSubmitButton"])['+ str(index) +']')
username_input.send_keys(automation_username)
password_input.send_keys(automation_password)
submit.click()

It is possible to do sign-in test automation for managed users as well as normal users. Use all of the steps listed above for normal users with the following differences:

  • When calling the /oauth/authorize endpoint, use the following query parameters:

    • auth_workflow = managed_user
    • identity_provider = trimbleautomation_managed_user
  • The user name you should inject into the signInFormUsername must contain the following pattern: trimbleautomation_com.{preferred_username}, where preferred_username is a managed user you have registered with the Trimble Identity team.

  • The password you should inject is the one that the Trimble Identity team provides you for the managed user.

  1. Obtain a test automation account.

    • Navigate to the support page.

    • Create a new support ticket

      • Subject: Trimble Identity Test Automation Account
      • Description: Please provide the following Username for the automation account–username only, alphanumerics and special characters _ .- + [] <> Provide the application IDs this account is going to be testing Provide a short description of the use case
      • Support Category: Trimble Cloud Core Platform - Cloud Core Platform - Trimble Identity
  2. The support team will provide a presigned download link for the test automation account credentials

  3. Update the /oauth/authorize URL used by the testing harness to include identity_provider=trimble_automation in the query string

  4. Target the username form input with ID signInFormUsername.

  5. Target the password form input with ID signInFormPassword.

  6. Click the button with ID signInSubmitButton.

We will not be enabling a method for circumventing bot control when creating new accounts. At this time, we do not offer a “token API.” A UI/headless browser implementation must be used to exchange a code from the /authorize endpoint.

A C# SDK that automates Trimble Identity authentication using a headless Chrome browser, enabling token retrieval without manual login. Refer to the documentation for more info.