Summary
A very common method to authenticate with an API is to first utilize basic authentication credentials that get exchanged for an OAuth Bearer Token in a POST request, and then pass the Bearer Token into a subsequent GET request to query the target API for requested data.
This process can be accomplished using ThousandEyes' API Test in as little as 2 Steps. Step 1 sends a POST request using Basic Auth that returns a Bearer Token in a JSON object in the response body. Utilizing Post-Request Options, the JSON is parsed and the Bearer Token is saved as a variable that may be passed to Step 2 and any other subsequent steps.
Process
Test Configuration
- Create an API Test
- Configure the test’s network measurements as desired
- Select "Configure Target API"
Step 1
- Use POST method and configure API endpoint URL for access token generation
- Set Authentication to "Basic"
- Enter credentials to be used for Basic Authentication:
![Rutherford1.png Rutherford1.png](https://community.cisco.com/t5/image/serverpage/image-id/220767i2872A7DBD73FA2DC/image-size/large?v=v2&px=999)
- Configure Parameters, Headers, Body, and Assertion Rules as desired
- Navigate to Post-Request Options
- Deselect "Collect Response for this API step" to remove secrets from test results
- Declare a variable to capture the OAuth token returned from the request and the JSON object to capture from. In this case "token" is the variable and "access_token" is the key that captures the token's value from the JSON response:
![Rutherford2.png Rutherford2.png](https://community.cisco.com/t5/image/serverpage/image-id/220768i243A03EE7A62E552/image-size/large?v=v2&px=999)
- Select "Add Step" to proceed with the configuration of Step 2
Step 2
- Use GET method and configure API endpoint URL to retrieve data
- Set Authentication Type to "Bearer Token"
- Enter "{{token}}" in the Bearer Token field to select the variable of "token", the variable menu will appear once "{{" is entered to confirm the variable is available to be selected:
![Rutherford3.png Rutherford3.png](https://community.cisco.com/t5/image/serverpage/image-id/220770i1067FA3E73B395C8/image-size/large?v=v2&px=999)
![Rutherford4.png Rutherford4.png](https://community.cisco.com/t5/image/serverpage/image-id/220769i105D73461E492E8F/image-size/medium?v=v2&px=400)
- Configure Parameters, Headers and Assertion Rules as desired
- As a result, Bearer Authentication has succeeded and a JSON array of Cisco Routers is returned!
![Rutherford6.png Rutherford6.png](https://community.cisco.com/t5/image/serverpage/image-id/220771i321D5099350A1CAB/image-size/large?v=v2&px=999)
And that's all there is to it. If you experience any issues with this implementation please consider reaching out to us via chat - we're always happy to help!