Skip to main content
Test accounts can be used to build automated tests, for local development, or to reduce friction during Apple’s App Store review process for mobile apps. A new set of credentials are created each time a test account is enabled, and the old set is revoked to keep the app secure.
Enabling a test account registers a set of test credentials (a hardcoded email or phone number and OTP code). It does not create a Privy user record. The user record is created on the first successful login with those credentials, just like any real user.
To use test accounts, the app must support email or SMS login. Testing other login flows can either be automated with a library like Playwright, or by completing the flow manually, as it requires authorization with other APIs (such as social providers).

Enabling test accounts

To enable a test account for an app and get its login credentials:
  1. Go to the User management > Authentication > Advanced tab of the Privy Dashboard
  2. Turn on the Enable test accounts toggle
Once enabled, the Dashboard displays the test credentials for the app’s test account. All test credentials follow the same format, where XXXX/XXXXXX in the credentials below should be substituted with the values shown on the User management > Authentication > Advanced page of the Dashboard. Arbitrary values cannot be substituted for XXXX/XXXXXX, and plus addressing cannot be used; the credentials from the Dashboard must be used exactly.
emailphoneOTP (for either)
[email protected]+1 555 555 XXXXXXXXXX
After a test account is enabled, a user can log into the app with the provided email or phone number and OTP code to review and test the app. This first login creates the Privy user record.
Depending on when the Privy app was created, a legacy test account may be enabled with the login credentials [email protected] or +1 555 555 5555. See the User management > Authentication > Advanced page of the Privy Dashboard to determine if this is the case for the app.
Test accounts have a lighter authentication rate limit for apps in development. While all accounts in production apps and non-test accounts in development apps are limited to 5 requests every 5 minutes for email and 5 requests every 10 minutes for SMS, test accounts in development apps are limited to 10 requests every 10 seconds for either.

Testing login-only flows

If the app sets disableSignup: true and the test account has never been used to log in, login attempts fail with a user_does_not_exist error and the Account not found modal. This is expected behavior: no Privy user record exists yet, so the login is treated the same as a real user attempting to sign in without an existing account. To test this flow, attempt login with the test credentials before completing a first login. To test a successful login, complete one login with the test credentials first to create the user record.

Getting a test access token programmatically

The app can programmatically get an access token for its test account using the getTestAccessToken method.
getTestAccessToken will throw an error if:
  • Test accounts have not been enabled in the Privy Dashboard
  • Allowed origins or base domain are enabled for the app