Testing Complete (B2C)

Prior to launch, you should have completed all the testing that applies to your environment. All testing and configurations for Login 3.0 must be managed by the UPBOND team.

Quality Assurance is important in identifying issues before they impact your customers, and depending on the nature of your project, there are several different types of quality assurance testing that you’re going to want to consider as part of your integration with Login 3.0:

• Is your application easy to understand and use, even by those with a disability?

• Does your application need to work across various different browsers and devices?

• Does your application need to work in multinational and/or international environments?

• How will your application perform when subjected to unexpected production loads?

• How can you ensure your application is safe from security-related vulnerabilities?

Login 3.0 Universal Login and associated UI widgets (such as Lock) have already been designed and built following usability and accessibility best practices and provide tested out-of-box support for a whole host of browsers and devices. Support for internationalization (I18N) is also provided out-of-box, with built-in extensibility designed for custom multi-language and localization (L10N) situations.

To ensure functional requirements are met and unexpected events are handled correctly, testing guidance and configurations must be requested and handled by the UPBOND team.

Unit Testing

The objective of unit testing is to test individual units of code. If you create custom code within Login 3.0 in the form of Rules, Hooks, and/or Custom DB scripts, you should use a testing framework (such as Mocha) to test your code. All unit testing configurations and setups must be coordinated with the UPBOND team.

Integration Testing

It is a recommended best practice that you set up different tenants for development, testing, and production as discussed in Architecture guidance for SDLC support. All integration testing configurations and variable setups must be handled by the UPBOND team.

Best Practice: It’s a recommended best practice to use variables to contain tenant-specific values as well as any sensitive secrets that should not be exposed in your custom code. These configurations must be managed by the UPBOND team.

Test Automation

Automating the overall build process by incorporating deployment automation as well as test automation is critical. All automation setups must be coordinated with the UPBOND team.

Mock Testing

Mock testing Login 3.0 endpoints is a common practice to ensure application compatibility. All mock testing configurations must be approved and managed by the UPBOND team.

Pen Testing (Optional)

If you will be conducting penetration tests, you should coordinate all activities with the UPBOND team to avoid mistaken identification as malicious activity.

Load Testing (Optional)

Load testing requires advance notice and approval from the UPBOND team. All load testing parameters, configurations, and guidelines must be strictly adhered to and coordinated with the UPBOND team.

Load testing should follow these best practices:

1. Run an HTTP trace to identify all necessary calls for your test.

2. Design tests to account for Login 3.0 API rate limits.

3. Turn off non-essential Rules or Hooks for accurate load measurement.

4. Structure tests to simulate realistic load scenarios.

5. Handle errors and unhandled exceptions in custom code properly.

6. Gradually increase load for more informative results.

7. Use your own mail provider account with sufficient quota for email tests.

8. Use separate user credentials for realistic load distribution.

9. Adhere to the agreed-upon parameters for testing.