We’re using a local mock version of Internet Identity (not the production one), which assigns anchor numbers like 1000, 1001, etc. The goal is to avoid repeating the login process in every Playwright test by saving and reusing the authentication state.
Problem Summary
• Playwright’s storageState only captures cookies, localStorage, and sessionStorage.
• Internet Identity (even the local mock version) uses WebAuthn, which involves:
• Cryptographic credentials tied to the device/browser
• Unserializable credentials that are not stored in storageState.json
• When Playwright restores the state from storageState.json, it doesn’t restore WebAuthn, so the II session appears logged out even though other data is restored.
⸻
Why this happens
1. WebAuthn credentials are device-bound and can’t be exported or replayed.
2. storageState cannot include WebAuthn credentials.
3. Internet Identity (mock or real) relies on WebAuthn to complete login, so auth breaks after restoring Playwright state
With the II 2.0 frontend rewrite we recently ran into the same issue while moving to Playwright, in the end we moved to using a canister deployment flag to swap out the passkey implementation with a dummy implementation that prompts for a key pair seed instead of webauthn.
Particularly the dummy_auth config is what makes the frontend use a constant key pair instead of webauthn. If you intend to run tests with multiple identities you’ll need to also set prompt_for_index to true.
Previously in II 1.0 we ran e2e tests in WebDriverIO with the VirtualAuthenticator API that mocks the WebAuthn in the browser. This does unfortunately mean that if you intend to test with II 1.0, you’ll be stuck with the VirtualAuthenticator API, which is less trivial to work with in e2e tests.
Hey, I am working with Ali on this issue and we are still having a hard time figuring out how to implement it in a test.
I’ve added screenshots so you can see what we have when using this particular II canister with dummy_auth. In your message I understood that we could login with a key pair seed instead of webauthn.
But when I try to create a new user, I don’t see the keypair option.
Please tell me if I am just using it the wrong way or if there is a problem somewhere
The dummyAuth deployment argument is only implemented in II 2.0 (load page with url + ?FEATURE_FLAG_DISCOVERABLE_PASSKEY_FLOW=true to switch to 2.0).
If you want to use dummyAuth in II 1.0, you’ll need to use the developmentbuild flavor. Keep in mind that dummy auth doesn’t allow for multiple identities in II 1.0 while it does in II 2.0
So the II canister we deploy is version 1.0 and should actually be 2.0 for the dummy_auth to work ? Am I forced to enable it in the url or can I already deploy a 2.0 version canister ?
You need to deploy the canister with the dummy_auth config to enable it in 2.0:
dfx deploy internet_identity --argument "(opt record { dummy_auth = opt opt record { prompt_for_index = true }})
prompt_for_index = true enables multiple dummy passkeys by prompting for an index of choice, each index represents a different dummy passkey.
prompt_for_index = false means you won’t be prompted for an index. This does mean you won’t be able to create multiple identities, since every dummy auth passkey would be the same index (0) without the prompt.
Problem Summary
Why this happens
