[Azure Load Testing] - Authenticating - Auth with certificate

Oz Mizrahi 0 Reputation points Microsoft Intern
2024-05-29T14:13:07.5466667+00:00

I am trying to run a load test for my service, and I need to obtain an AAD bearer token to communicate with my service. Until now, I used secret-based authentication and use the GetSecret() method for the client_secret in my jmx test script and then added as a parameter KV reference to my secret.

 However, I now need to use certificate-based authentication and have not found a way to do it without the secret. Is there any way to authenticate using a certificate instead of a secret? Any help or guidance would be greatly appreciated.

Azure Load Testing
Azure Load Testing
An Azure service that enables developers and testers to generate insights on how to improve the performance, scalability, and capacity usage of their application
64 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,106 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Oz Mizrahi 0 Reputation points Microsoft Intern
    2024-06-10T04:30:38.3133333+00:00

    Hi @Sina Salam

    To receive an access token, I am using the OAuth2 flow. I'll try to be more clear about the process I've implemented so far.

    Until now, my flow has been as follows:

    1. I had a user-defined variable for retrieving the client secret, which I referenced in the Load Test environment:
    ${__GetSecret(client_secret)}
    
    1. I used this variable in my POST request:
    
    curl -X POST
    'https://login.microsoftonline.com/${__P(tenant_id)}/oauth2/token'
    -H 'Content-Type: application/x-www-form-urlencoded'
    -d 'grant_type=client_credentials&client_id=${__P(client_id)}&client_secret=${client_secret}&resource=https://api.kusto.windows.net'
    
    1. Next, I added two processors (JSON Extractor and JSR223) to retrieve the token from the response:
    props.put("access_token", "${token}")
    
    1. I was then able to use the access_token in my desired requests that required a Bearer token, with this header:
    Bearer ${__property(access_token)} 
    

    In the new flow, I need to use a certificate that stored in Azure Key Vault instead of the client secret that I used so far.

    Best regards,

    Oz


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.