Two Step Verification?

I’m using Katalon Studio to test some Saleforce cases

  • I can get a test case to open a browser session
  • Enter credentials
  • Submit credentials

The problem is that Salesforce has two step authentication for each new computer. Every time I run a test I have to wait for a verification code to be sent to my phone, or email, and the tests fail.

It appears that the test session is not using local cookies. How can I get around the repeated token issues?

Give your Testing User a separate Profile, and give the Profile a Trusted IP Range from to That takes care of the Two-Step Authentication, at least for me.

That won’t help as when I gave the range of 0 to 255, gave the error as the specified range is too high.

I am stuck in the same situation. Not sure how to get through the 2-step verification in Salesforce. Did you find a workaround?

me too…

Setup>>Network access>> You can add your system’s IP address range(You can find this when you go to browser and navigate to my IPaddress site) so that it wont ask you verification code when the new browser session is opened everytime

I have the same issue listed above if you put in to Salesforce will error saying the range is too large.

It’s not a good practice anyway to whitelist all IP addresses.

I need to know what IP address(es) or range to whitelist.

Hi @gregj,

The whitelisted IP addresses are the public IP addresses of your company. You should ask your IT, helpdesk to get the IP ranges information, or just simply navigate to to get the current public IP address.

No, when you run a test, it opens a window, and as Salesforce tried to login the remote test session will be identified as a new browser each time and ask for a sms or email code.

I need to know what IP address for the Katalon servers I need to whitelist, or find another solution to automating the 2 factor authentication?


Please take a look at my recording video add_whitelistedIP_salesforce.7z (3.4 MB)
After adding my public IP, salesforce will not ask for the verification code.

At Salesforce document, they also said: Help And Training Community

Trusted IP Ranges define a list of IP addresses from which users can log in without receiving a login challenge for verification of their identity, such as a code sent to their mobile phone.

Hi I’m also looking for a solution for this. Is there a way for the play scripts to inherit authentication cookies so the playback tests don’t fail?