How can I test SSO manually

Hi,

How can I test the SSO service being a manual tester? I would appreciate it if you can give me some Test Cases/Scenarios to help a novice out. Please check the screenshot. Thanks in advance.

2 Likes

Try both scenarios from the images, open the Developer Tool and check the Network tab and the Console for errors and to get the idea of what happens when you click the login. You can try with a valid Google account and with a regular account. Try using a browser extension such as the Bug Magnet to try out some different input combinations - like different kinds of valid and invalid email formats, text-lengths, non ASCI characters, etc.

You can find some ideas here:

2 Likes

Thank you so much for your clear guideline. Much appreciate your help brother.

1 Like

Hey you’re very much welcome, Test, bro :smiley:

1 Like

the dev tools tab has a place you can turn off the thing that clears logs between pages. You want to look for anything hinky in the log for the whole testing session (even if it’s not SSO you are testing). This is a very good question, might come back to it as I may do a bit of this myself sometime too.

2 Likes

Thank you so much for your suggestions. I will try and understand it.

1 Like

What type of app is this?

There is a lot you can do with the fields. Don’t get lost in that.

What about usability? Are there requirements for passwords? Does the user know the requirements? Do you need to force strong passwords? Can the user use a fake email? Can the user use a temporary email?

Try a few different apps to compare the process.

What is the onboarding process?

What is the process for password reset?

What if the user forgets his password?

How is the session managed?

What is the timeout?

Try different browsers

Try browser settings

Private browsing.

Multiple sessions in the same browser.

Browser navigation, is the session maintained.

Check cookie details

What is the plan for security testing?

How will you test session expiry?

What information is logged?

Does anyone review user login information?

Does log info raise alarms?

Use my list as a starting point.

3 Likes

I can clearly think ahead with the scenarios that you mentioned. Thank you so very much brother.

2 Likes