Advanced Options

Applies to ReadyAPI 3.7, last modified on April 08, 2021

You use the advanced OAuth 2.0 settings to define how an access token should be handled.

OAuth 2.0 Advanced Options

Click the image to enlarge it.

There are three settings: one of them relates to sending requests, the others relate to refreshing the access token.

Send Access Token As

The Send Access Token option defines where the access token is sent.

Option Description Example
Header

The access token is sent as the request header.

Authorization: Bearer rRR0GnTudjuUUGaSt0n
Query

The access token is sent as a query parameter.

https://www.example.com/a/v1/y/{userId}?access_token=rRR0GnTudjuUUGaSt0n

Refresh Access Token

The Refresh Access Token option configures whether ReadyAPI updates the expired access token automatically or not.

Tip: Use the Access Token Expiration Time option to configure when ReadyAPI should mark an access token as expired.
Option Description
Automatic

(Default) ReadyAPI updates the access token automatically.
         If the authentication server provides a refresh token, ReadyAPI uses it to get a new access token. Otherwise, ReadyAPI runs automation if it is configured.

Manual

You need to update an access token manually.
If the authentication server provides a refresh token, you can use it to get a new access token. To do this, click Refresh next to the access token:

Manual Refresh

Click the image to enlarge it.

Note: The button is not available if the authentication server does not provide a refresh token.

Access Token Expiration Time

The Access Token Expiration Time option defines the expiration time for the access token. You can use the expiration time provided by the server, or you can specify the time you need manually.

Note: The 0 value indicates that the token will never expire. There is no setting for immediate expiration of the token.
Option Description
Server

ReadyAPI uses time provided by the authorization server.

Custom

ReadyAPI marks the token as expired after the specified number of seconds, minutes, or hours elapses.

See Also

Automating Token Retrieval
OAuth 2.0 Grant Types
OpenID Connect Grant Types
About OAuth 2.0
OAuth 2.0 and OAuth 2.0 (Azure)

Highlight search results