OAuth 2.0 and OAuth 2.0 (Azure)

Applies to ReadyAPI 3.41, last modified on September 23, 2022

OAuth 2.0 is an authorization method used to provide to a third-party application a limited access to a protected resource over the HTTPS protocol.

To work with the protected resource, the application (for example, ReadyAPI) needs to get an access token that represents a user’s permission. The process of getting the access token depends on the used authorization flow.

Tip: ReadyAPI stores the OAuth 2.0 authorization profiles in the Authorization manager, so you can later apply them to other requests or test steps. Also, you can use such profiles to specify different authorization settings in various environments.

OAuth versions

There are two versions of OAuth: OAuth 1 (it uses HMAC-SHA signature strings) and OAuth 2.0 (it uses access tokens sent over HTTPS).

There is also a specific version of OAuth 2.0 that is used in Microsoft Azure Active Directory. Microsoft’s version of OAuth 2.0 requires additional fields to get an access token (for example the resource field). To support these fields, ReadyAPI provides an additional authorization type - OAuth 2.0 (Azure). Select this type if you use Azure Active Directory.

Currently, ReadyAPI does not support all grant methods when you use the OAuth 2.0 authorization for Azure Active Directory. See Grants Methods for details.

Getting started with OAuth 2.0 in ReadyAPI

Authorization flows

Updating an access token


See Also

Authentication Types

Highlight search results