Forum Discussion

tishtaar's avatar
New Contributor
5 years ago

How to generate the same Bearer token as Swagger?

I have given an API which uses Basic_auth for Authentication.
it requires 'username', 'password', (type:basic_auth), 'ClientId' and 'secret'.

I use the Swagger UI to authenticate and it works perfectly fine:
the Curl will look like this:

curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik1ZR0FtX2hHeWRvYWhrSGtlcjRlaTRiTXRSUSIsImtpZCI6Ik1ZR0FtX2hHeWRvYWhrSGtlcjRlaTRiTXRSUSJ9.eyJpc3MiOiJDdXN0b21lckNsdWJXZWJTZXJ2aWNlIiwiYXVkIjoiQ3VzdG9tZXJDbHViV2ViU2VydmljZS9yZXNvdXJjZXMiLCJleHAiOjE1NjM4NzY2MTEsIm5iZiI6MTU2MzI3MTgxMSwiY2xpZW50X2lkIjoiY3VzdG9tZXJjbHViIiwic2NvcGUiOlsib3BlbmlkIiwicHJvZmlsZSIsInVzZXJfaW5mbyJdLCJzdWIiOiJjdXN0b21lcmNsdWIiLCJhdXRoX3RpbWUiOjE1NjMyNzE4MTEsImlkcCI6Imlkc3J2IiwicHJpbWFyeV9zaWQiOiJjdXN0b21lcmNsdWIiLCJ1cG4iOiJjdXN0b21lcmNsdWIiLCJuYW1lIjoiY3VzdG9tZXJjbHViIiwiZ2l2ZW5fbmFtZSI6ImN1c3RvbWVyY2x1YiIsImp0aSI6IjRhMGUyZjNkYjUzYjY2ZGQxMDIwMmJkNmVmNzM4OWJjIiwiYW1yIjpbImN1c3RvbSJdfQ.YY1CzHzWPK_E1S7y8TDrwRT0orCS9zfN-4n5pTC1zYMomkOkJOdpvmSZyrabirBeLpGi870T9H-z9ufkYX5B1bPZlQlQRAAaDPeq_pV7Gls9EPLhAK8uXK4i5jaF1aNN5hiBP6fAJZxhZnHsmUevXs6y5s9FJeVZ1vPpDfJ69d3rrTvte_2A6hEE6fpkYeZGUKRS8eTaWHSrdZh9-18FaQN4VGbCCtsHR7x-A2HMLIG8q9MWp6iu_KDJ95wOHO_tp--AER4CoGta0HrleI7CNUBz43TN-kEklmzVCODuFA7varUIAiee4Zd2PKG7MlGEdkOBA5qwoX1HhsobGOI5ZA' '

The problem is, every time the token expires, I have to come back and use the Swagger UI to authenticate, and copy the Bearer token to my app.

I would like to know, how Swagger is creating it? And how could I implement it on my machine so that everytime it expires, my app creates it itself instead of getting an error and changing it?
I tried many ways, but I couldn't get the Bearer token the way Swagger gets it. It only works when Swagger creates it.

2 Replies

  • JHunt's avatar
    Community Hero

    Don't be confused, this is using OAuth 2.0, and not basic authentication (which would be much easier to do yourself).


    In SoapUI, you can set up OAuth by going to a request and clicking the Auth tab along the bottom, and Add New Authorization...


    But you mention youre using your own app (and not SoapUI?). OAuth 2.0 is a slightly complex multiple step process - I think these days people are mostly just using a library to handle it.

    • tishtaar's avatar
      New Contributor

      Thank you for your information.
      But when I decrypt the Token generated by Swagger, there are extra un-encryptable parts (I mean some parts remain hashed).
      What you provided is good but I'm looking for actual code here. A way to generate the Bearer token just like Swagger. Any other way I try it, the API doesn't accept it. But when Swagger generates it, it is all heaven!
      When you have a good experience in your field and can't fix such simple issue, it really drives you banana!