Authorization with dynamic access token is used to pass dynamic response content to subsequent requests. This is used to validate API authorization.
In this post, we will discuss about fetching access token (dynamic response) with the help of JSON Extractor and pass it as a parameter in subsequent request using BeanShell Assertion.
To achieve this, we need to create 2 Thread Groups:
Thread Group 1 – To generate Access Token
Thread Group 2 – To pass Access Token to Request
How to setup JMeter to perform above test
1) Add HTTP Request Sampler – In HTTP Request Control Panel, the Path field indicates which URL request you want to send
To add: Right-click on Thread Group and select: Add -> Sampler -> HTTP Request
Add valid credentials in the parameters section.
2) Add HTTP Head Manager – The Header Manager lets you add or override HTTP request headers, like can add Accept-Encoding, Accept, Cache-Control
To add: Right-click on Thread Group and select: Add -> Config Element -> HTTP Read Manager
Add Authorization as Headers in Head Manager
3) Add JSON Extractor – To extract the authentication token from the request , we are going to use JMeter JSON Extractor. The process of extracting a variable from a response works as mentioned below:
First, the server sends back a response ,then a post-processor, like the JSON Extractor is executed which extracts part of the response and put it into a variable like ${token}.
JMeter JSON Extractor
To add: Right-click on Thread Group and select: Add -> Post Processors -> JSON Extractor
The JSON extractor requires us to follow a few steps so we can process the JSON correctly.
1) Name – JSON Extractor
2) Apply to – we will use the defaulted Main Sample Only. The option is: Main sample only – the assertion only applies to the main sample
3) Name of created variables – BEARER
4) JSON Path Expressions – access_token
4) Add BeanShell Assertion -An advanced assertion with full access to JMeter API. Java conditional logic can be used to set the assertion result.
To add: Right-click on Thread Group and select: Add -> Assertions -> BeanShell Assertions
Add below mentioned script in the Script section of BeanShell Assertion
Script – ${__setProperty(BEARER, ${BEARER})};
Step 2 – Thread Group 2 – Thread Group – Main Request
1) Add HTTP Request Sampler – Below mentioned are the values used in HTTP Request to perform the test
Add valid credentials in the parameters section.
2) Add HTTP Head Manager – We have previously extracted the token from Token Generation request. Now, it’s time to reuse it in headers section of HTTP Head Manager.
Below mentioned are the values used in Http Request to perform the test
Authorization = Bearer ${__property(BEARER)}
Listeners – They shows the results of the test execution. They can show results in a different format such as a tree, table, graph or log file
We have added listeners – View Result Tree
View Result Tree – View Result Tree show results of the user request in basic HTML format
To add: Right click Test Plan, Add -> Listener -> View Result Tree
Step 4 – Save the Test Plan
Step 5 – Run the Test Plan
Click on Green Triangle as shown at the top to run the test.
Step 6 – View the Execution Status
Click on View Result Tree to see the status of Run. Successful request will be of Green color in the Text Section
Here, we can see that Token Generation request is successfully processed.
Below image shows that the Main Request is successfully executed too.
QA Automation Expert 
This is very useful information. I was struggling to get the authorization done in JMeter from long time.
LikeLike
Thanks Iqbal. Please check other blogs on JMeter too
LikeLike
Good work
LikeLike
This is what I was looking from so long. Glad to see this. I tried it and it works exactly as mentioned here. Thanks
LikeLike
how to set token key in Headers as example below
Key : Authorization
Value Token : c0b16ed4f564efde05eeb0939938ce704e9e1220
LikeLike
If you want to add Authorization to Headers in JMeter, go to HTTP Header Manager and under Headers Stored in the Header Manager, use add button and then add Name as Authorization and Value as Bearer c0b16ed4f564efde05eeb0939938ce704e9e1220
LikeLike