Enabling OAuth 2.0 Authentication

Applies to ReadyAPI 3.57, last modified on December 20, 2024

This tutorial explains how to enable OAuth 2.0 authorization for a REST request.

To configure OAuth 2.0 authorization, you need to:

  • Create and configure an authorization profile.

  • Retrieve an access token.

1. Add an Authorization Profile

First, you need to add an OAuth 2.0 authorization profile:

  1. Open a REST request.

  2. Open the Auth panel:

    OAuth 2.0: Auth Tab

    Click the image to enlarge it.

  3. Click Add Authorization Profile:

    OAuth 2.0: Adding Authentication Profile

    Click the image to enlarge it.

  4. In the resulting dialog, select the OAuth 2.0 type and enter the profile name. Click OK:

    OAuth 2.0: Add Authentication Dialog

    Click the image to enlarge it.

2. Configure Authorization

After you add the authorization profile, you need to get an access token from the server. In this tutorial, you get it by using the Authorization Code grant type:

  1. Expand the Get Access Token drop-down list.

  2. Specify the authorization data. For a reference about the required parameters, see the OAuth 2.0 Grant Types section.

  3. Click Get Access Token:

    OAuth 2.0: Getting Access Token
    Note: ReadyAPI users are now able to add the Audience parameter to the OAuth request, if required.

ReadyAPI will get the access token from the server and display it in the Access Token field:

OAuth 2.0: Access Token retrieved from server

Click the image to enlarge it.

Note: From version 3.42, you can use and insert Property Expansions in the Authentication types via the Get Data menu.

Insert Property Expansion

Click the image to enlarge it.

Insert Property Expansion

Click the image to enlarge it.

After You Configure Authorization

OAuth 2.0 tokens can change from time to time. To avoid the need to update them manually, you can configure ReadyAPI to check if a token is up-to-date before sending a request and retrieve the token automatically. For more information about automating token retrieval, see the Automating Token Retrieval section.

See Also

Enabling OAuth 2.0 Authentication with Azure Active Directory
OAuth 2.0 Basics
OAuth 2.0 Grant Types
OpenID Connect

Highlight search results