Skip to main content

Authorization OAuth 1.0 in Katalon Studio

To learn more about OAuth 1.0, you can refer to OAuth documentation: OAuth Core 1.0 Revision A.

The following fields are supported in Katalon Studio:

Consumer KeyThe API key associated with the application (Twitter, Facebook, etc.). This key (or 'client ID', as Facebook calls it) is what identifies the client, which is a website/service that is trying to access an end-user's resources.
Consumer SecretThe client password that is used to authenticate with the authentication server, which is a Twitter/Facebook/etc. server that authenticates the client.
Signature MethodThe consumer uses either HMAC-SHA1 or RSA-SHA1 to sign the request. For signature method RSA-SHA1, only OpenSSL RSA Private key with PKCS#8 or PKCS#1 format is supported.
TokenWhat is issued to the client once the client successfully authenticates itself (using the consumer key & secret). This access token defines the privileges of the client (what data the client can and cannot access).
Token SecretThe string sent with the access token as a password.
RealmThe Provider basically decides if this is of any importance. It is the counterpart of the WWW-authenticate response header. If a server returns a WWW-authenticate header of 'OAuth realm=""' then it probably parses that value from the Authenticate request header in the OAuth process.

Use OAuth 1.0 Authorization in Katalon Studio

To use OAuth 1.0 authorization in Katalon Studio, do as follows:
  1. In the Authorization tab of a web service request, set the Type as OAuth 1.0.
    authorization tab
  2. Fill in your authorization information , then click on Update to HTTP Header.
    OAuth 1.0 authentication
The authorization information are updated to the Authorization request of the HTTP Header tab, as you can see below.

http header