Skip to main content

Reading and Auto-Entering OTP on Android Using Appium in TestGrid

Overview

OTP (One-Time Password) based verification is widely used in Android applications for secure authentication and transaction validation. TestGrid enables end-to-end OTP automation on Real Android Devices using custom scripts, allowing tests to dynamically read OTP messages and auto-enter them without manual intervention.

This guide explains how to:

  • Read OTP messages from an Android device
  • Extract a OTP securely
  • Switch back to application under test
  • Auto-enter the OTP during test execution on TestGrid Real Android Devices

Use Case

This approach is useful when:

  • OTP is delivered via SMS or in-app messages
  • Manual intervention must be avoided during automation
  • Secure login or transaction validation is required
  • Running end-to-end authentication flows in CI/CD pipelines

High-Level Flow

  1. Read message elements from the Android Messages UI
  2. Extract OTP using Regular Expression
  3. Validate OTP availability
  4. Switch back to application under test
  5. Auto-enter OTP into input field
try {
            java.util.List<WebElement> messages = driver.findElements(By.id("com.samsung.android.messaging:id/content_text_view"));
            String var_otp = null;
            for (WebElement message : messages) {
                String messageText = message.getText();
                System.out.println("Message Found: " + messageText);
                java.util.regex.Pattern otpPattern = java.util.regex.Pattern.compile("\\b\\d{6}\\b");
                java.util.regex.Matcher matcher = otpPattern.matcher(messageText);
                if (matcher.find()) {
                    var_otp = matcher.group();
                    System.out.println("Extracted OTP: " + var_otp);
                    break;
                }
            }
            if (var_otp == null) {
                System.err.println("OTP found in messages.");
                return;
            }
        } catch (Exception e) {
            System.err.println("⚠ Error: " + e.getMessage());
        }

For Reference : https://testgrid.io/docs/document/using-custom-expressions-in-scriptless-test-cases-with-java-selenium-appium/

Security and Compliance Considerations

  • OTPs are extracted dynamically and not stored
  • No sensitive data is logged persistently
  • Execution follows TestGrid enterprise security standards
  • Suitable for SOC2, and internal compliance requirements

Conclusion

By leveraging TestGrid custom scripting, teams can fully automate OTP-based authentication flows on real Android devices. This approach eliminates manual intervention, improves test reliability, and enables secure, scalable automation suitable for enterprise-grade applications.

Table of Contents