How to refresh Bearer token while testing APIs

[Rakshith Jr]

Hello,

I am using openapi swaggerfile to test API which has bearer token which is expiring in 5 minutes,

So how to automate this in zap as this involves Oauth authentication,

Thanks and Regards,

Rakshith JR

[Simon Bennetts]

You can either configure ZAP to understand Oauth authentication or handle the authentication yourself.

See https://www.zaproxy.org/docs/authentication/

If you choose to handle it yourself then this script may be useful: https://github.com/zaproxy/community-scripts/blob/main/authentication/OfflineTokenRefresh.js

If anyone implements more scripts for handleing Oauth (or any other srt of authentication) then please submit them to the Community Scripts repo :)

Cheers,

Simon