How do you write a Automation test script to validate access_token value in response body that keeps changing with each send request?

farhanhasanali · February 28, 2022, 5:24pm

My question:
How do you write a Automation test script to validate access_token value in response body that keeps changing with each send request?

w4dd325 · March 1, 2022, 12:57pm

Hi @farhanhasanali

The detail you have provided is very minimal, but as far as I know, access tokens (in particular jwt/bearer tokens) are usually encoded with a time stamp so it would be incredibly difficult (practically impossible) to guess what the expected value should be … this is why they are considered secure.

You could however, consider capturing the token and decrypting it if you know the algorithm etc. used to encode it. You would then see the original values used to create the token …

Not sure if that’s what you are trying to achieve though.

garuda.tht · March 1, 2022, 5:05pm

Just to clarify: JWT tokens are not encrypted. They are encoded and can be read by anyone receiving it. The security relies on the way they are exchanged (for instance oAuth 2.0, as part of its specification, requires to have an encrypted connection on exchange).

farhanhasanali · March 1, 2022, 7:33pm

Thank you everyone for your help… I noticed that i was able to get it to capture in console.
pm.test(" Validate access_token !=null or undefined validation ", function (){

    var jsonData = pm.response.json();

    pm.expect(jsonData.access_token).not.eql([null,undefined]);

    console.log("SUCCESS: - ACCESS TOKEN FIELD IS NOT NULL OR UNDEFINED")

    });

w4dd325 · March 4, 2022, 9:18pm

Fair shout, my mistake, it’s been a long week.