We’re using a local mock version of Internet Identity (not the production one), which assigns anchor numbers like 1000, 1001, etc. The goal is to avoid repeating the login process in every Playwright test by saving and reusing the authentication state.
Problem Summary
• Playwright’s storageState only captures cookies, localStorage, and sessionStorage.
• Internet Identity (even the local mock version) uses WebAuthn, which involves:
• Cryptographic credentials tied to the device/browser
• Unserializable credentials that are not stored in storageState.json
• When Playwright restores the state from storageState.json, it doesn’t restore WebAuthn, so the II session appears logged out even though other data is restored.
⸻
Why this happens
1. WebAuthn credentials are device-bound and can’t be exported or replayed.
2. storageState cannot include WebAuthn credentials.
3. Internet Identity (mock or real) relies on WebAuthn to complete login, so auth breaks after restoring Playwright state
With the II 2.0 frontend rewrite we recently ran into the same issue while moving to Playwright, in the end we moved to using a canister deployment flag to swap out the passkey implementation with a dummy implementation that prompts for a key pair seed instead of webauthn.
See the e2e tests here: internet-identity/src/frontend/tests/e2e-playwright at main · dfinity/internet-identity · GitHub
And canister deployment arguments needed for the above tests:
dfx canister install internet_identity --wasm internet_identity_test.wasm.gz --argument "(opt record { captcha_config = opt record { max_unsolved_captchas= 50:nat64; captcha_trigger = variant {Static = variant { CaptchaDisabled }}}; related_origins = opt vec { \"https://id.ai\" }; new_flow_origins = opt vec { \"https://id.ai\" }; dummy_auth = opt opt record { prompt_for_index = true }})"
Particularly the dummy_auth config is what makes the frontend use a constant key pair instead of webauthn. If you intend to run tests with multiple identities you’ll need to also set prompt_for_index to true.
Previously in II 1.0 we ran e2e tests in WebDriverIO with the VirtualAuthenticator API that mocks the WebAuthn in the browser. This does unfortunately mean that if you intend to test with II 1.0, you’ll be stuck with the VirtualAuthenticator API, which is less trivial to work with in e2e tests.
1 Like