| ATH-TS-07-01 |
| Seq | Actor | Action | Automatic/Manual |
|---|
| 1 | MAIN | starting an identification action | Automatic: could be automate but cannot be generic since the applications to test have all a different layout. | | 2 | CSAM | authenticate himself with TOTP | Could be difficult to automate as CSAM and MAIN are different applications | | 3 | MOB-AuthCode | get the security code and enter the key into CSAM portal (30 seconds lifespan) | Manual: to validate the authentication, the user must copy a security code found on his mobile application. | | 4 | CSAM | choose a profile (any of them) | Could be difficult to automate as CSAM and MAIN are different applications |
| When the test actions are performed the following assertions must be checked
MAIN application: - user is logged into the application (MAIN)
eHealth endpoint: - IAM session is active (how to test: we don't have a token)
- IDP session is active (how to test: we don't have a token)
| As soon I cannot login into the app (the server has a login feature ???) |