OAuth 2.0 and OAuth 2.0 (Azure)

OAuth 2.0 is an authorization method used to provide a third-party application limited access to a protected resource over the HTTPS protocol.

To work with the protected resource, the application (for example, ReadyAPI) needs to get an access token that represents a user’s permission. The process of getting the access token depends on the used authorization flow.

Tip

ReadyAPI stores the OAuth 1.0 authorization profiles in the Authorization Manager so you can later apply them to other requests or test steps. Also, you can use such profiles to specify different authorization settings in various Environments.

OAuth versions

There are two versions of OAuth: OAuth 1 (it uses HMAC-SHA signature strings) and OAuth 2.0 (it uses access tokens sent over HTTPS).

There is also a specific version of OAuth 2.0 that is used in Microsoft Azure Active Directory. Microsoft’s version of OAuth 2.0 requires additional fields to get an access token (for example the resource field). To support these fields, ReadyAPI provides an additional authorization type - OAuth 2.0 (Azure). Select this type if you use Azure Active Directory.

Important

Currently, ReadyAPI does not support all grant methods when you use the OAuth 2.0 authorization for Azure Active Directory. See Grants Methods for details.

Getting started with OAuth 2.0 in ReadyAPI

go.gifOAuth 2.0 Basics

go.gifEnabling OAuth 2.0 Authentication

go.gifEnabling OAuth 2.0 Authentication with Azure Active Directory

Authorization flows

go.gifAuthorization Code Grant

go.gifClient Credentials Grant

go.gifImplicit Grant

go.gifResource Owner Password Credentials Grant

go.gifJWT Profile for Authorization Grants

Updating an access token

go.gifRefresh Access Token

go.gifAutomation Script

More

go.gifOpenID Connect

go.gifAdvanced Options

go.gifGenerating JSON Web Token

See Also

In this section:
© 2025
Publication date: