Unless you're load testing static sites or blogs, you're probably going to need to get through some sort of an authentication barrier to be able to test your server's performance. In this article we're going to set up a quick prototype for handling Token-based authentication with our favorite load testing tool - JMeter.

Alright, here's what we're going to need:

  • A Test Plan (this should be present by default when opening JMeter)
  • A Thread Group
  • View Results Three
  • HTTP Request - for authentication
  • JSON Extractor - to extract the token
  • Simple Controller - to group requests that need authentication
  • HTTP Header Manager - to append the token for subsequent requests
  • HTTP Request - the actual request to be tested

Refer to the image below to check how the final result should look like:

Alright, let's go through these steps one-by-one ✔️

Step 1: Create a Thread Group

TIP: Right click Test Plan > Add > Threads (Users) > Thread Group

The Thread Group can stay with it's default values, we don't really care about it at this point - all that really matters is that we got something to execute.

Step 2: Create a View Results Three

TIP: Right click Test Plan > Add > Listener > View Results Three

We're going to need a results three so we can check if the requests succeeded or failed. You'll be able to see the check the test output, as well as details from each Request here.

Step 3: Create a HTTP Request

TIP: Right click Thread Group > Add > Sampler > HTTP Request

Inside the Thread Group, we're going to need this HTTP Request to send our initial authentication request to the server. You'll probably configure a POST request and send some JSON data to your authentication endpoint here.

Step 4: Create a JSON Extractor for the HTTP Request

TIP: Right click HTTP Request > Add > Post Processors > JSON Extractor

This is the most important step. 🛑

We're going to add a JSON extractor to the Authentication Request we created earlier, so that we can extract the token value and store it in a global variable.

We're using JSON Path syntax for extracting the value.

Great. Now the token returned should be stored in a global variable called token.

Step 5: Create a Simple Controller

TIP: Right click Thread Group > Add > Logic Controllers > Simple Controller

We're using the simple controller to logically group every request that needs the authentication token and apply it to them via the HTTP Header Manager.

Step 6: Create an HTTP Header Manager

TIP: Right click Simple Controller > Add > Config Element > HTTP Header Manager

This is the second most important step. 🛑

We're using the HTTP Header Manager to add the authentication token to the header of every request grouped inside the Simple Controller we created above.

We're going to use the double curly bracket templating syntax to inject the token value into the header - something like this {{ token }}

Step 7: Create the Actual HTTP Request that Needs Authentication

TIP: Right click Simple Controller > Add > Sampler > HTTP Request

As the final step, add the HTTP Request that we're supposed to test, and configure the route.

That's it. Have fun!