> ## Documentation Index
> Fetch the complete documentation index at: https://docs.privy.io/llms.txt
> Use this file to discover all available pages before exploring further.
# Using test accounts
Test accounts can be used to build automated tests, for local development, or to reduce friction during Apple's [App Store review](https://developer.apple.com/app-store/review/) process for mobile apps. A new set of credentials are created each time a test account is enabled, and the old set is revoked to keep the app secure.
Enabling a test account registers a set of **test credentials** (a hardcoded email or phone number
and OTP code). It does **not** create a Privy user record. The user record is created on the first
successful login with those credentials, just like any real user.
To use test accounts, the app must support email or SMS login. Testing other login flows can
either be automated with a library like [Playwright](https://playwright.dev/), or by completing
the flow manually, as it requires authorization with other APIs *(such as social providers)*.
## Enabling test accounts
To enable a test account for an app and get its login credentials:
1. Go to the **User management > Authentication > Advanced** tab of the Privy Dashboard
2. Turn on the **Enable test accounts** toggle
Once enabled, the Dashboard displays the test credentials for the app's test account.
All test credentials follow the same format, where `XXXX`/`XXXXXX` in the credentials below should be substituted with the values shown on the **User management > Authentication > Advanced** page of the Dashboard. Arbitrary values cannot be substituted for `XXXX`/`XXXXXX`, and [plus addressing](https://learn.microsoft.com/en-us/exchange/recipients-in-exchange-online/plus-addressing-in-exchange-online) cannot be used; the credentials from the Dashboard must be used exactly.
| email | phone | OTP *(for either)* |
| -------------------- | ----------------- | ------------------ |
| `test-XXXX@privy.io` | `+1 555 555 XXXX` | `XXXXXX` |
After a test account is enabled, a user can log into the app with the provided email or phone number and OTP code to review and test the app. This first login creates the Privy user record.
Depending on when the Privy app was created, a legacy test account may be enabled with the login
credentials `test@privy.io` or `+1 555 555 5555`. See the **User management > Authentication >
Advanced** page of the Privy Dashboard to determine if this is the case for the app.
Test accounts have a lighter authentication rate limit for apps in development. While all accounts
in production apps and non-test accounts in development apps are limited to 5 requests every 5
minutes for email and 5 requests every 10 minutes for SMS, test accounts in development apps are
limited to 10 requests every 10 seconds for either.
## Testing login-only flows
If the app sets `disableSignup: true` and the test account has never been used to log in, login
attempts fail with a `user_does_not_exist` error and the **Account not found** modal. This is
expected behavior: no Privy user record exists yet, so the login is treated the same as a real user
attempting to sign in without an existing account.
To test this flow, attempt login with the test credentials before completing a first login. To test a
successful login, complete one login with the test credentials first to create the user record.
## Getting a test access token programmatically
The app can programmatically get an access token for its test account using the `getTestAccessToken` method.
`getTestAccessToken` will throw an error if:
* Test accounts have not been enabled in the Privy Dashboard
* Allowed origins or base domain are enabled for the app
Use the `getTestAccessToken` method from the `apps()` interface to get an access token for a test account. To select a specific test account, pass an object with either an `email` or `phone_number` field.
```ts theme={"system"}
import {PrivyClient} from '@privy-io/node';
const privy = new PrivyClient({
appId: process.env.PRIVY_APP_ID!,
appSecret: process.env.PRIVY_APP_SECRET!
});
// Uses the first test account by default
const {access_token} = await privy.apps().getTestAccessToken();
// Or, select a test account by email
const {access_token: tokenByEmail} = await privy.apps().getTestAccessToken({
email: 'test-XXXX@privy.io'
});
// Or, select a test account by phone number
const {access_token: tokenByPhone} = await privy.apps().getTestAccessToken({
phone_number: '+1 555 555 XXXX'
});
```
The method returns a `Promise` for an object containing the `access_token` string. If no test account matches the provided parameters, the method throws an error.