This article addresses the inability to bypass the Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) for automation and security scan testing. It explains that Okta does not provide a method to bypass this feature for testing automation, outlines potential workarounds, and outlines the process for submitting a feature request.
- reCAPTCHA (Google)
- hCaptcha
- Automated Testing
- Okta Identity Engine (OIE)
Okta CAPTCHA is a core security feature that applies universally to all traffic. No configuration is available to exclude automation tools while selectively maintaining security for end-user traffic.
Consider one of the following workarounds to allow automated testing:
- Temporarily disable CAPTCHA during test runs.
- Configure a separate test environment without CAPTCHA enabled.
NOTE: Test any changes in a preview environment before applying them to production.
To request a feature that allows bypassing CAPTCHA for automated testing, submit an idea for consideration in the Okta Product Roadmap. For more information, refer to How to Submit a Feature or Enhancement Request using Okta Ideas.
