1. Home
  2. Docs
  3. Examples
  4. HTTP Bearer-token Authentication

HTTP Bearer-token Authentication

GUARDARA provide the Authenticate action for synchronous test flows to automatically authenticate HTTP requests. This action is only available if “Web Test Flow” is enabled under the Flow Configuration of the Flow template. However, if you would like to test the implementation of authentication mechanism itself, this page provide guidance on how to set up the authentication scheme in a fully configurable/customizable way.

Implementing authentication using Bearer tokens (RFC 6750) with GUARDARA is a very similar process to what we have discussed when implementing HTTP Basic authentication. Therefore, instead of starting from scratch, this example assumes that the reader is already familiar with the topics and techniques discussed earlier.

This example is fairly simple and demonstrates a scenario where we already have obtained a token that we are going to provide to GUARDARA manually in the Project configuration.

Message Template

We can start out from the Message template created in the HTTP Basic authentication example. To send a bearer token instead of the base64-encoded credentials, we have to create the appropriate Session Variable and adjust the Authorization header a bit. The Authorization header we need in this case look like this:

Authorization: Bearer ${token}

First, let’s create the Session Variable to hold our bearer token. A screenshot showing this can be seen below.

As the next step, we update our request template. We have to update the authorization type field and use a Reference field to refer to the value of the Token session variable within the Authorization header. This can be seen below.

You can download the JSON object of the above example from HERE. Then, you can copy-paste the JSON object into the editor by clicking on View > View Code in the editor menu. However, if you are new to GUARDARA, we recommend creating this template manually.

Basic Flow Implementation

Now that the Message template is ready, it is time to set up a basic Flow template to tell GUARDARA what actions to perform during the test. First, we add three Actions to tell GUARDARA to connect to the target, send a test case and finally, disconnect from the target. Next, we drag and drop our Message template created previously onto the Send action so that GUARDARA knows which Message template to use to generate test cases. The relevant section of the HTTP Basic authentication example includes a video that demonstrates the process.

Project Configuration

The final step is to create a Project based on the Flow template created earlier. For this, we select our Flow template on the Templates page, then choose File > Create Project from the menu. When adding a new target to test during Project configuration, we can see that the Session Variables configuration section allows configuring the Token we defined. Even better, we can define a different token to be used for each target added to the Project.

Was this article helpful to you? Yes No