Enabling OAuth 2.0 Authentication

This tutorial explains how to enable OAuth 2.0 authorization for a REST request.

Overview

To configure OAuth 2.0 authorization, you need to:

  • Create and configure an authorization profile.

  • Retrieve an access token.

1. Add an Authorization Profile

  1. Open a REST request.

  2. Open the Auth panel and click Add Authorization Profile.

    ReadyAPI Navigator panel showing REST Sample Project expanded with the Login request selected and highlighted in orange under Simple Login Call test case in the Sample REST Test Suite. The main editor shows Test Step Login as a GET request to the localhos

  3. In the Add Authorization Profile dialog, select OAuth 2.0 from the Type dropdown and enter a profile name. Click OK.

    ReadyAPI Add Authorization Profile dialog showing the Type dropdown set to "OAuth 2.0" and the Profile Name field set to "MyProfile". A placeholder hint below the field shows example names "Administrator" and "Server24". OK and Cancel buttons appear at th

2. Configure Authorization

After you add the authorization profile, you need to get an access token from the server. In this tutorial, you get it by using the Authorization Code grant type:

  1. Expand the Get Access Token drop-down list.

  2. Specify the authorization data. For a reference on the required parameters, see the OAuth 2.0 Grant Types section.

    Note

    You can add additional parameters to the OAuth 2.0 access token request by enabling Additional Parameters. ReadyAPI appends the custom name–value pairs to the request body and supports property expansion.

    ReadyAPI Additional Parameters panel shown expanded with the checkbox selected. A toolbar with add, move up, move down, sort, clear, import, export, and delete icons appears above a two-column table. The table contains two rows: example1 set to "value1" a

  3. Click Get Access Token:

    ReadyAPI Get Access Token from the authorization server form showing the OAuth 2 Flow set to "Authorization Code Grant". The following fields are empty: Client Identification, Client Secret, Authorization URL, Access Token URL, Redirect URL, Audience, Sco

    ReadyAPI retrieves the access token from the server and displays it in the Access Token field.

Note

From version 3.42, you can use and insert Property Expansions in the Authentication types by using the Get Data menu.

Insert Property Expansion
Insert Property Expansion

After You Configure Authorization

OAuth 2.0 tokens can change from time to time. To avoid the need to update them manually, configure ReadyAPI to check whether a token is up to date before sending a request, and to automatically retrieve the token. For more information about automating token retrieval, see the Automating Token Retrieval section.

See Also

In this section:
© 2026
Publication date: