Authentication & AuthorizationOAuth 2.0 (v2.x.x)Overview

OAuth 2.0 authentication in Bruno

This OAuth 2 implementation is specific to Bruno v2.x.x. If using Bruno v.1.x.x, please see the documentation for that version.

This document describes the new OAuth 2 implementation available in v2.x.x. This new approach simplifies authentication handling compared to the previous version.

Overview

Bruno supports OAuth 2 authentication at both collection and request levels:

  • Collection Level: Configure once and share across multiple requests
  • Request Level: Configure for specific requests, overriding collection settings if needed

Features & Improvements

  1. Simplified Configuration: You no longer need to separately configure authorization and resource requests
  2. Automatic Token Management: No scripting is required to set headers for the resource URL
  3. Automatic Token Injection: Bruno automatically adds the token to request headers or parameters based on your configuration
  4. Token Data Access: Access token data using variables: {{$oauth2.<tokenId>.access_token}} within the collection

Accessing OAuth2 Tokens in Scripts

You can access OAuth2 tokens in your scripts using the bru.getOauth2CredentialVar() function.

Syntax

bru.getOauth2CredentialVar('$oauth2.<Token ID>.access_token')