🧪 Test Authentication Flows

In this section, you’ll run tests to verify that your auth endpoints are set up correctly.

🤔

Tests not working?

If you get stuck, contact us and our development team will work directly with you to get unblocked.

Now that you've implemented your authentication endpoints (login, callback, and logout), let's test some basic authentication flows to verify that everything is working correctly.

⚠️

Before You Begin

Ensure that your Express server is running before executing the tests below.

Test 1: Verify Signup Flow

First, we'll test the Application-Level Signup flow. To do so, please perform the following steps:

  1. Select your application from the Dashboard Home Page.
Select application
  1. On the Application Settings page, scroll down to the Application URLs section and click the header to expand the accordion menu. Within the Application URLs section, click the external link icon next to the Application-level Signup URL field.
  1. After clicking the external link icon, a new browser tab will open showing the Application-Level Signup page. Fill out the following fields on that page:

    1. Tenant Name - Application-level signup creates a new tenant under your application. This will be the name of the tenant that is created.
    2. Email - A valid email address under your possession. To complete the signup process, you'll need to view an activation email sent to this address.
    3. Password - The password that you will use to log in.

    When finished, click the "Sign Up" button.

Application-level signup
  1. Next, you should get an email containing a one-time code. Enter the code into the Verification Code form field and then click the "Verify" button.
Verification code page
  1. If the signup process succeeds, you'll be redirected to the URL you specified as the final redirect in your Callback Endpoint (set up in the Add Auth Endpoints step). This is typically your application's home page.

Congratulations, you just completed the Application-Level Signup flow! Behind the scenes, the following operations were performed.

  1. A new tenant was created under your application with the "Tenant Name" that you provided.
  2. A new user was created under the tenant with the email and password that you specified.
  3. The user was activated using an email containing a verification code.
  4. A Wristband auth session was created for the user.

Test 2: Verify Login Flow

Next, let's test the user login flow. Before doing so, ensure the user you just created doesn't have any active Wristband auth sessions (they likely do if you have just completed the signup flow). If an active session exists, the user will be automatically authenticated when navigating to their tenant login page, bypassing the login screen (which we don't want for this test).

Clearing the User's Active Auth Sessions

To clear the user's active auth sessions, perform the following steps:

  1. Select your application from the Dashboard Home Page.
Select application
  1. Next, select "Users" from the navigation bar and then select the user that was created through the signup process from the Users table.
Select user
  1. On the Edit User screen, scroll down to the Active Auth Sessions section and click the "Delete Sessions" button.

Perform User Login

Now that we've cleared the user's active auth sessions, we can test the login flow. To do so, please perform the following steps:

  1. Select your application from the Dashboard Home Page.
Select application
  1. On the Application Settings page, scroll down to the Application URLs section and click the header to expand the accordion menu. Within the Application URLs section, click the external link icon next to the Application-level Login URL field.
  1. After clicking the external link icon, a new browser tab will open to the Application-Level Login page. This page lists the tenants you've previously authenticated with. Click the "Select" button next to the tenant you created during the signup flow.
  1. You should now see the login page for the selected tenant. Enter your email and password for the user you created during the signup flow, then click the "Log In" button.
  1. If the login process succeeds, you'll be redirected to the URL you specified as the final redirect in your Callback Endpoint (set up in the Add Auth Endpoints step). This is typically your application's home page.

If you've reached this point, congratulations! Your Login Endpoint is working correctly. 🎉

Great Job

Looking good. You're starting off just fine.



What’s Next

Now that you've set up your application's authentication endpoints, let's test that they're working.