JMeter Authorization with access token

Authorization with dynamic access token is used to pass dynamic response content to subsequent requests. This is used to validate API authorization.

In this post, we will discuss about fetching access token (dynamic response) with the help of JSON Extractor and pass it as a parameter in subsequent request using BeanShell Assertion.

To achieve this, we need to create 2 Thread Groups:

Thread Group 1 – To generate Access Token  
Thread Group 2 – To pass Access Token to Request 

 

How to setup JMeter to perform above test

Step 1 – Thread Group 1 – Thread Group – Authorization Token Generation

1) Add HTTP Request Sampler – In HTTP Request Control Panel, the Path field indicates which URL request you want to send

 To add: Right-click on Thread Group and select: Add -> Sampler -> HTTP Request

Add valid credentials in the parameters section.

2) Add HTTP Head Manager – The Header Manager lets you add or override HTTP request headers, like can add Accept-Encoding, Accept, Cache-Control

To add: Right-click on Thread Group and select: Add -> Config Element -> HTTP Read Manager

Add Authorization as Headers in Head Manager 

3) Add JSON Extractor – To extract the authentication token from the request , we are going to use JMeter JSON Extractor. The process of extracting a variable from a response works as mentioned below:

First, the server sends back a response ,then a post-processor, like the JSON Extractor is executed which extracts part of the response and put it into a variable like ${token}.

JMeter JSON Extractor

To add: Right-click on Thread Group and select: Add -> Post Processors -> JSON Extractor

The JSON extractor requires us to follow a few steps so we can process the JSON correctly.

1) Name – JSON Extractor
2) Apply to – we will use the defaulted Main Sample Only. The option is: Main sample only – the assertion only applies to the main sample
3) Name of created variables – BEARER
4) JSON Path Expressions – access_token

4) Add BeanShell Assertion -An advanced assertion with full access to JMeter API. Java conditional logic can be used to set the assertion result.

To add: Right-click on Thread Group and select: Add -> Assertions -> BeanShell Assertions

                                           

Add below mentioned script in the Script section of BeanShell Assertion

Script – ${__setProperty(BEARER, ${BEARER})};

Step 2 – Thread Group 2 – Thread Group – Main Request

1) Add HTTP Request Sampler – Below mentioned are the values used in HTTP Request to perform the test

Add valid credentials in the parameters section.

2) Add HTTP Head Manager – We have previously extracted the token from Token Generation request. Now, it’s time to reuse it in headers section of HTTP Head Manager.

Below mentioned are the values used in Http Request to perform the test

Authorization = Bearer ${__property(BEARER)}

Step 3 – Adding Listeners to Test Plan

Listeners – They shows the results of the test execution. They can show results in a different format such as a tree, table, graph or log file

We have added  listeners – View Result Tree 

View Result Tree – View Result Tree show results of the user request in basic HTML format

To add: Right click Test Plan, Add -> Listener -> View Result Tree

Step 4 – Save the Test Plan

To Save: Click File Select -> Save Test Plan as ->Give name of the Test Plan. It will be saved as .jmx format.

Step 5  – Run the Test Plan

Click on Green Triangle as shown at the top to run the test.

Step 6 – View the Execution Status

Click on View Result Tree to see the status of Run. Successful request will be of Green color in the Text Section

Here, we can see that Token Generation request is successfully processed.

Below image shows that the Main Request is successfully executed too.

 

6 thoughts on “JMeter Authorization with access token

    1. If you want to add Authorization to Headers in JMeter, go to HTTP Header Manager and under Headers Stored in the Header Manager, use add button and then add Name as Authorization and Value as Bearer c0b16ed4f564efde05eeb0939938ce704e9e1220

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s