OAuth 2 Advanced Options
The advanced options settings for Oauth2 are used to define how the access token should be handled.
There are two available settings: how to sending, and how to handle refresh of the access token.
Send Access Token as:
This setting is used when you have
Header: Access token is sent as request header. Example:
Authorization: Bearer rRR0GnTudjuUUGaSt0n
Query: The access token is sent as a query parameter.
Example:
https://www.example.com/a/v1/y/{userId}?access_token=1/rRR0GnTudjuUUGaSt0n
Refresh Access Token:
The default settings is that SoapUI handles refresh tokens automatically and transparently. If you for some reason need tokens to time out, you can set refresh to manual.
Automatic: The refresh token is used automatically.
Manual: The token has to be manually applied.
When refresh access token is set to manual. A refresh button is made available next to the token.
To refresh the token, click the refresh button.
Access Token Expiration Time
The request can be set to use the access token expiration time provided from the server.
Server: The expiration time provided by the authorization server is used.
Custom: The token expires after the set number of seconds, minutes or hours.
Note: By convention, the value "0" indicate that the token will never expire. There is no setting for immediate expiration of the token.