Hi,
I’ve encountered an issue where accessing a Vault variable during a performance test results in the error:
Vault access denied
Important context:
- Vault usage is enabled in the workspace settings.
- The collection includes Vault access permissions.
- The same request works fine when executed directly (outside performance testing).
To reproduce the issue, I’ve created the following setup:
Pre-request Script (on the collection):
// Testing behavior with Environment Variables
pm.request.headers.upsert({key: `Before-Env-Var-Call`, value:"test"});
const envVar = pm.environment.get('var')
pm.request.headers.upsert({key: `After-Env-Var-Call`, value:"test"});
// Testing behavior with Vault
pm.request.headers.upsert({key: `Before-Vault-Call`, value:"test"});
try{
const vaultValue = await pm.vault.get('secret')
} catch (error) {
pm.request.headers.upsert({key: `Catch`, value:`${error.message}`})
}
pm.request.headers.upsert({key: `After-Vault-Call`, value:"test"});
Request URL (intentionally invalid to inspect headers in performance test):
http://{empty-variable}/
Observed Behavior:
-
When executed manually: The Vault variable is successfully accessed.
-
During performance testing: The Catch header shows Vault access denied, and After-Vault-Call is still present, indicating that the whole script ran to the end.
Please advise if Vault access is restricted in performance testing or if this is a misconfiguration or bug.
Review performance test environment/session permissions.
Ensure that the session/context running performance tests is explicitly allowed to access Vault secrets.
Or
Try an alternate approach
If you need secrets in performance tests, consider using environment variables instead, if supported, and ensure permissions are set for those variables.
Thanks for your answer. The second option is unfortunately not for me because vault secret must be accessed from many environments.
Also how can I check that session/context runnning performance tests is allowed to acess vault? If I run request with the same pre-request script it works fine. Is there a dedicated settings window for performance tests?
To verify whether the session or context running your performance tests has permission to access Vault secrets, start by reviewing any specific configuration options available for performance testing in your API platform. While manual requests and performance tests may appear similar, they often execute under different contexts or service accounts, which can affect Vault access. Typically, there is no dedicated settings window exclusive to performance tests, but you should check the workspace or environment settings to confirm what permissions are granted to automated or test runs. Additionally, consult documentation or support resources to see if there are advanced Vault access controls that need to be enabled for performance testing. If possible, try to identify if the test runner uses a separate user or token, and ensure that it has explicit Vault access permissions. This process can help you pinpoint and resolve access issues that do not occur during manual test execution.
