I will plan automate my API tests.
In tests I use token which generated by Auth0.
For take this token I use login\password for authentication on website and copy token in special info section.
How I can receive this token automatically and paste it in my yml file with test ?
You can enable the Resource Owner Password Grant, which lets applications exchange a user’s credentials directly for a token. You should enable this only for the test application, and the test suite can get a token using this flow.
Is it mean that I must include clientID/secretID of application inside tests ?
That is correct. You should have a client/application created specifically for this purpose, and make sure it’s only available on a test/dev environment.
Another option would be to change the configuration of your backend API in the testing environment to accept tokens signed with an alternative key (not the one from Auth0), and build the tokens yourself from a test helper/mocked token issuer.
Is this something that can bypass MFA? Similar issue here with trying to run automated tests and having MFA enabled.