Can't login with Postman/JMeter since /login form is javascript. Are there workarounds to get code and state response?

A customer has asked me to load test their Drupal application, which is using Auth0 as their single sign-on solution and connected to a Drupal callback that’s using OpenID Connect. I’ve worked with other OpenID/OAuth2 setups, and typically the login forms are static forms that contain the necessary credentials, nonces, etc that allow a tool like JMeter to extract those bits and pass it onto the next request. However, Auth0’s hosted login form is all Javascript, so it does not render in a tool like JMeter or Postman. The problem I am having is that there doesn’t appear to be a way for me to automate a user logging in at Auth0 and redirecting back to the site with the correct “code” and “state” parameters, since those parameters appear to be dynamic.

Is there a POSTMAN request I can make to Auth0’s API where I can send in the client_id, client_secret, username, password, id_token, etc, and get back the “code” and “state” values needed for the Drupal callback?


Drupal Callback URL:

Where “code” and “state” appear to be dynamic and required/validated values.

Any ideas?

Hi @briantully ,

Welcome to the Community!

Have you read through our load testing docs? If you are load testing the Auth0 APIs you should fill out a request with our support team, and they will be able to help you with your implementation details.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.