Forum Discussion

delimited's avatar
Occasional Visitor
9 years ago

Auth browser clear cookies

We're using SoapUI 5.2.1 to test REST services secured using Oauth2 access tokens. The new "Get Auth Token" functionality is working great to retrieve the access token from our STS but it is holding on to the STS's cookie meaning that if we wanted to test the endpoint for another user, by retrieving an access token specific to them, the STS still has a session open, linked by a cookie, and the access token is immediately retrieved without any user interaction.


I have searched for options to control the embedded browser or utilise an external browser for this and come up short. Currently restarting SoapUI clears the browser cookie and we are able to perform the test. Is there anything else I can try?


Many thanks.

1 Reply

  • kondasamy's avatar
    Regular Contributor

    For any cookies, it should be sent as header property as mentioned below,

    GET /spec.html HTTP/1.1
    Cookie: theme=light; sessionToken=abc123

    You can find that header value and make it empty through manual approach/ groovy script.