how to parameterize Bearer token authorization in Jmeter

A bit easier JMeter setup (login/get):

Thread Group

  • HTTP Request, Body Data: { "Login":"some", "Password":"credentials" }

    • HTTP Header Manager: content-type application/json
    • JSON Extractor - Names of created variables: Token; JSON Path expression: tokenName (root level in my case)
  • HTTP Request

    • HTTP Header Manager: content-type -> application/json; Authorization -> Bearer ${Token}
    • Response Assertion: Fields to Test = Response Code; Pattern Matching Rules = Equals, Not; Pattern to Test 401
  • View Results Tree to check results

Local IE Ajax version in case...

<SCRIPT>
var baseUri = 'https://localhost:port';
var tokenUri = '/something';
var getUri = '/restrictedData';
var token;
var form = { "Login":"some", "Password":"credentials" };
postRequest(baseUri + tokenUri, form, gotToken)

function gotToken(progress) {
    var response = progress.srcElement;
    if (response.status != 200) {
        document.body.innerText = "Error:\n" + response.response;
        return;
    }
    token = JSON.parse(response.response);
    console.log(JSON.stringify(token));
    var restricted = getRequest(baseUri + getUri, token.tokenName, gotRestricted);
}
function gotRestricted(progress) {
    var jsonStr = progress.srcElement.response;
    var jsonObj = JSON.parse(jsonStr);
    document.body.innerText = JSON.stringify(token,null,2) + '\n\n' + JSON.stringify(jsonObj,null,2);
}
function getRequest(url, token, callback) {
    var xhr = new XMLHttpRequest();
    xhr.onloadend = callback;
    xhr.open('GET', url);
    xhr.setRequestHeader('contentType', 'application/json')
    if (token) xhr.setRequestHeader("Authorization", "Bearer " + token);
    xhr.send();
    return xhr;
}
function postRequest(url, body, callback) {
    var xhr = new XMLHttpRequest();
    xhr.onloadend = callback;
    xhr.open('POST', url);
    xhr.setRequestHeader('Content-Type', 'application/json')
    xhr.send(JSON.stringify(body));
    return xhr;
}
</SCRIPT>

Use Header Manager to pass the Token as a Header so you would have:

Header Manager

See for more details:

https://stackoverflow.com/a/43283700/460802

If you're looking to learn jmeter correctly, this book will help you.


Add Bearer ${token} in HTTP Header Manager available under failing HTTP Request.

image HTTP Request


If you already have the bearer token and just want to use in in header manager then, in HTTP HEADER MANAGER tab, put these values under NAME and VALUE column respectively.

Name: Authorization                        
Value: Bearer "add your actual token without quotes"

Tags:

Jmeter