JMeter Authorization with access token

HOME

Authorization with dynamic access token is used to pass dynamic response content to subsequent requests. This is used to validate API authorization.

In this post, we will discuss about fetching access token (dynamic response) with the help of JSON Extractor and pass it as a parameter in subsequent request using BeanShell Assertion.

To achieve this, we need to create 2 Thread Groups:

Thread Group 1 – To generate Access Token  
Thread Group 2 – To pass Access Token to Request 

How to set up JMeter to perform the above test

Step 1 – Add Thread Group 1 : Thread Group – Authorization Token Generation

1) Add Thread Group – We should provide the name of the Thread Group. In this case, this thread group is used to generate the token, so named as Token Generation. We want to generate only 1 token, so Number of Threads, Ramp-up period and Loop Count are 1 only.

2) Add HTTP Request Sampler – In the HTTP Request Control Panel, the Path field indicates which URL request you want to send

 To add: Right-click on Thread Group and select: Add -> Sampler -> HTTP Request

Add valid credentials in the parameters section.

3) Add HTTP Head Manager – The Header Manager lets you add or override HTTP request headers like can add Accept-Encoding, Accept, Cache-Control

To add: Right-click on Thread Group and select: Add -> Config Element -> HTTP Read Manager

Add Authorization as Headers in Head Manager 

4) Add JSON Extractor – To extract the authentication token from the request, we are going to use JMeter JSON Extractor. The process of extracting a variable from a response works as mentioned below:

First, the server sends back a response, then a post-processor, like the JSON Extractor is executed which extracts part of the response and put it into a variable like ${token}.

To add: Right-click on Thread Group and select: Add -> Post Processors -> JSON Extractor

The JSON extractor requires us to follow a few steps, so we can process the JSON correctly.

1) Name – JSON Extractor
2) Apply to – we will use the defaulted Main Sample Only. The option is: The main sample only – the assertion only applies to the main sample
3) Name of created variables – BEARER
4) JSON Path Expressions – access_token

5) Add BeanShell Assertion -An advanced assertion with full access to JMeter API. Java conditional logic can be used to set the assertion result.

To add: Right-click on Thread Group and select: Add -> Assertions -> BeanShell Assertions

Add below-mentioned script in the Script section of BeanShell Assertion

${__setProperty(BEARER, ${BEARER})};

Step 2 – Add Thread Group 2 : Thread Group – Main Request

1) Add Thread Group – Provide name to this Thread Group. I have also provided number of threads, ramp up and duration in the thread group as shown in the image

We can also parameterize the values of number of threads, ramp-up period and duration using a JMeter property called ___P. You can ask, why we are using property function in JMeter. It is because this makes the JMeter script configurable. We can pass any value through command line without making any change in t he script.

___P – This is a simplified property function which is intended for use with properties defined on the command line. 

If no default value is supplied, it is assumed to be 1. The value of 1 was chosen because it is valid for common test variables such as loops, thread count, ramp up etc.

${__P(group1.threads)} – return the value of group1.threads

${__P(THREADS,1)} – This THREADS value will be passes through command line. If no value is passed, by default, it will chose 1 .

Similarly, ramp up and duration are parameterized.

${__P(THREADS,1)}
${__P(RAMPUP,1)}
${__P(DURATION,1)}

2) Add HTTP Request Sampler – Below-mentioned are the values used in HTTP Request to perform the test

Add valid request body in the Body Data section (if the request is POST).

3) Add HTTP Head Manager – We have previously extracted the token from the Token Generation request. Now, it’s time to reuse it in the header section of HTTP Head Manager.

Below-mentioned are the values used in the HTTP Request to perform the test

Authorization = Bearer ${__property(BEARER)}

Step 3 – Adding Listeners to Test Plan

Listeners – They show the results of the test execution. They can show results in a different format such as a tree, table, graph, or log file

We have added  listeners – View Result Tree 

View Result Tree – View Result Tree show results of the user request in basic HTML format

To add: Right-click Test Plan, Add -> Listener -> View Result Tree

Step 4 – Save the Test Plan

To Save: Click File Select -> Save Test Plan as ->Give the name of the Test Plan. It will be saved as .jmx format.

Step 5  – Run the Test Plan

Click on Green Triangle as shown at the top to run the test.

Step 6 – View the Execution Status

Click on View Result Tree to see the status of Run. A successful request will be of a Green color in the Text Section

Here, we can see that the Token Generation request is successfully processed.

The below image shows that the Main Request is successfully executed too.

Congratulation!! We are able to add an authorization token generated by a request and add it to another request and processed the request using JMeter. 

10 thoughts on “JMeter Authorization with access token

    1. If you want to add Authorization to Headers in JMeter, go to HTTP Header Manager and under Headers Stored in the Header Manager, use add button and then add Name as Authorization and Value as Bearer c0b16ed4f564efde05eeb0939938ce704e9e1220

      Like

  1. Hi vibssingh,

    I am looking to extract the bearer token from one thread but i do not have access_token its coming as response data so i did (.*) for json extractor but in the next thread the bearer token is not being picked up.

    can you help me

    Regards
    #Nipun

    Like

    1. You need to save the bearer token that is coming from the response to a variable like here, it is saved to BEARER and then add this as authorization to the next thread. You have to add HTTP Header Manager for the next thread and pass the already created variable here.

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s