OAuth 2.0 and OAuth 2.0 (Azure)
OAuth 2.0 is an authorization protocol that grants third-party applications limited access to a protected resource over HTTPS.
To access the protected resource, the application (for example, ReadyAPI) retrieves an access token that represents a user's permission. The retrieval process depends on the authorization flow you use.
Tip
ReadyAPI stores the OAuth 2.0 authorization profiles in the Authorization Manager so you can apply them to other requests or test steps. You can also use these profiles to specify different authorization settings across Environments.
OAuth versions
OAuth has two versions: OAuth 1.0, which uses HMAC-SHA-1 signature strings, and OAuth 2.0, which uses access tokens sent over HTTPS.
Microsoft Azure Active Directory uses a specific version of OAuth 2.0 that requires additional fields to retrieve an access token - for example, the resource field. To support these fields, ReadyAPI provides an additional authorization type: OAuth 2.0 (Azure). Select this type when using Azure Active Directory.
Important
ReadyAPI does not currently support all grant methods for OAuth 2.0 authorization with Azure Active Directory. See Grants Methods for details.