JMeter authorization configuration using a static API token key

Question

We are using JMeter v5.3 to run performance tests against our SIT Server instance of JIRA v8.13.22. We setup our JMeter tests with basic authentication via the "HTTP Authorization Manager" and the "Basic Digest" mechanism. We have recently installed the "API Token Authentication for Jira" plugin and turned off basic authentication to JIRA. See: Plugin Admin docs. Therefore all REST calls to JIRA via application accounts must now login with an application user that has a registered API key with JIRA.

As expected, our JMeter tests now fail with "403 Forbidden" errors due to the Basic Auth setup with the error: "Basic Auth with password is disabled by the API Token Authentication app". I found articles similar to JMeter Authorization with access token, but they use "authorization with dynamic access token".

How do we configure JMeter to authorize with a registered static API token key?

Answer 1

Have you tried to read the documentation you linked yourself? Because the very first stanza which I see looks like:

The Token use itself is very simple - in the place where you would usually use the password, you just use the Token itself

Previously you were sending Authorization header with the value of Basic followed by your Base64 encoded credentials (this is what HTTP Authorization Manager was doing under the hood). So all you need to do is to replace the password with the token and that would be it.

You can also send the same Authorization header with the value of Bearer followed by your token value. It can be done using HTTP Header Manager

Here is an example of authenticating via curl:

curl "https://YOUR_JIRA_BASEURL/rest/api/2/myself" \
 -u '<USERNAME>:<YOUR_API_TOKEN>'

And in JMeter you can generate a Test Plan from curl command