This is a type of authentication used by software developers to validate the authenticity of the users. In this technique, users will be provided with a valid token to access the API.
Usually, this token comes with an expiring period and can be regenerated whenever we want.
In this article, I am using the GO REST application APIs to demonstrate the usage of bearer tokens.
To access the application you need a token, so please login to the application. As soon as you login to the application, and click on the Rest Console you will be shown a bearer token as below.
So use this token (it will be different in your case) for sending any kind of request. In this case, I am sending a GET request to get all the users using the given token.
Bearer 4fb7dc4bdf2753074cb24479061d15da39ce2ff4701a9d831d41e470f27a1fb4
In the below code snippet, I have added the bearer token in the header as authorization and sent it to the GET request method.
header = {
'Content-Type': 'application/json',
'Authorization': 'Bearer 4fb7dc4bdf2753074cb24479061d15da39ce2ff4701a9d831d41e470f27a1fb4'
} # added authorization in the header with the given bearer token
response = requests.get(BASE_URI+END_POINT, headers=header) # passing the token to the get request method
The complete code snippet, where I am using Python's request module to send the GET request is as below.
import requests
BASE_URI = "https://gorest.co.in" # base url
END_POINT = "/public/v2/users" # end point url
Token = "Bearer 4fb7dc4bdf2753074cb24479061d15da39ce2ff4701a9d831d41e470f27a1fb4" # bearer token generated
header = {
'Content-Type': 'application/json',
'Authorization': 'Bearer 4fb7dc4bdf2753074cb24479061d15da39ce2ff4701a9d831d41e470f27a1fb4'
} # added authorization in the header with the given bearer token
response = requests.get(BASE_URI+END_POINT, headers=header) # passing the token to the get request method
print(f'\nThe status code is - {response.status_code}')
print(f'The response {response.json()}')
Output of the execution
The status code is - 200
The response [{'id': 5354380, 'name': 'Sen. Aishani Kaniyar', 'email': 'kaniyar_aishani_sen@mcdermott.example', 'gender': 'male', 'status': 'active'}, {'id': 5354378, 'name': 'Prof. Swarnalata Khan', 'email': 'prof_swarnalata_khan@waelchi.test', 'gender': 'male', 'status': 'inactive'}, {'id': 5354376, 'name': 'Chapal Jha', 'email': 'jha_chapal@zboncak-koelpin.test', 'gender': 'female', 'status': 'active'}, {'id': 5354374, 'name': 'Miss Brahma Tandon', 'email': 'tandon_miss_brahma@huel.example', 'gender': 'female', 'status': 'active'}, {'id': 5354373, 'name': 'Mangala Shukla', 'email': 'shukla_mangala@schowalter-oreilly.test', 'gender': 'female', 'status': 'inactive'}, {'id': 5354372, 'name': 'Surya Dutta', 'email': 'surya_dutta@cassin.example', 'gender': 'female', 'status': 'inactive'}, {'id': 5354371, 'name': 'Paramartha Nambeesan', 'email': 'paramartha_nambeesan@von.test', 'gender': 'male', 'status': 'active'}, {'id': 5354370, 'name': 'Arjun Jain DO', 'email': 'do_jain_arjun@hegmann.test', 'gender': 'female', 'status': 'active'}, {'id': 5354369, 'name': 'Sanka Nehru', 'email': 'nehru_sanka@hodkiewicz.example', 'gender': 'male', 'status': 'active'}, {'id': 5354368, 'name': 'Brahma Adiga', 'email': 'brahma_adiga@zemlak.test', 'gender': 'male', 'status': 'inactive'}]
This is how we can handle a bearer authentication in the API testing. Thanks for reading. #python #apitesting #pythonrequests #requests #automation