Forum Discussion

FcoSan's avatar
New Contributor
3 years ago

Try to authentificate with JWT


I am trying authentificate to Zephyr by JWT token.

Request url:





Authorization: JWT <JWT_TOKEN>

zapiAccessKey: <ACCESS_KEY>

Content-type: application/json


I have performed all the steps that are discussed in this post to generate the JWT Token:

Also in this one too:


I am able to generate the token in both ways, via postman or with the zapi-cloud.git. But when I do a request with postman I always get a 401 error and this message:







Expecting claim 'qsh' to have value '7f0d00c2c7*****************42d4b84374' but instead it has the value '9a826e393c52fc74522e694b**************de592e'








Every time I try to launch the request again I generate a new JWT, But same result.

What do I need to be able to connect correctly with Zephyr?

I need to connect with Zephyr to be able to change the states of the tests that I have created in Zpehyr



3 Replies

  • Hi, this community is dead, zero support by the smartbear team, but, may be this can help you:


    the Automation API and REST API authenticate differently,


    for Automation API as simple as:

    Generate JWT Token


    but for REST API you need to generate the qsh, etc, take a look:


    if your using nodeJS here is an example:



    const method = 'GET';
    const url =
    generateJWT: async function(method, url) {
    const now = moment().utc();
    const req = jwt.fromMethodAndUrl(method, url);
    const tokenData = {
    "iss": zephyr.credentials.accessKey,
    "iat": now.unix(), // The time the token is generated
    "exp": now.add(3, 'minutes').unix(), // Token expiry time (recommend 3 minutes after issuing)
    "qsh": jwt.createQueryStringHash(req, false, ''), // [Query String Hash](
    "sub": '' // Your people ID https://********
    const secret = zephyr.credentials.secretKey;
    const token = jwt.encodeSymmetric(tokenData, secret);
    return `JWT ${token}`;