REST Assured is a powerful library for testing RESTful APIs. It simplifies writing HTTP requests and validations. One common scenario is sending Basic Authentication credentials to secure APIs. In this blog, we'll learn how to handle this easily using REST Assured.
What is Basic Authentication?
Basic Authentication is a method for HTTP user authentication. The client sends the username and password encoded in Base64 in the request header. The header looks like this:
Authorization: Basic <Base64EncodedUsernameAndPassword>
admin
and the password is password123
, the Base64-encoded string would be:REST Assured simplifies this process by automatically encoding the credentials when you use its methods.
Sending Basic Authentication Credentials in REST Assured
Setup Requirements
Ensure you have the following Maven dependency for REST Assured in your pom.xml
file:
<dependency>
<groupId>io.rest-assured</groupId>
<artifactId>rest-assured</artifactId>
<version>5.3.0</version> <!-- Use the latest version -->
<scope>test</scope>
</dependency>
Example 1: Using auth().preemptive()
The preemptive()
method sends the Authorization
header before the server challenges the client. It's faster and ideal for most cases.
import io.restassured.RestAssured;
import io.restassured.response.Response;
public class BasicAuthExample {
public static void main(String[] args) {
// Base URI of the API
RestAssured.baseURI = "https://example.com/api";
// Sending Basic Auth credentials
Response response = RestAssured.given()
.auth()
.preemptive()
.basic("admin", "password123")
.get("/secure-endpoint");
// Print the response
System.out.println("Response Code: " + response.getStatusCode());
System.out.println("Response Body: " + response.getBody().asString());
}
}
Example 2: Using auth().basic()
This method sends the Authorization
header only after the server challenges the client. Use this method if your API explicitly requires such behavior.
import io.restassured.RestAssured;
import io.restassured.response.Response;
public class BasicAuthExample {
public static void main(String[] args) {
RestAssured.baseURI = "https://example.com/api";
Response response = RestAssured.given()
.auth()
.basic("admin", "password123")
.get("/secure-endpoint");
System.out.println("Response Code: " + response.getStatusCode());
System.out.println("Response Body: " + response.getBody().asString());
}
}
Example 3: Using Headers Manually
You can also manually add the Authorization
header using Base64-encoded credentials:
import io.restassured.RestAssured;
import io.restassured.response.Response;
import java.util.Base64;
public class ManualAuthExample {
public static void main(String[] args) {
RestAssured.baseURI = "https://example.com/api";
// Encode username and password to Base64
String credentials = Base64.getEncoder().encodeToString("admin:password123".getBytes());
// Add the Authorization header manually
Response response = RestAssured.given()
.header("Authorization", "Basic " + credentials)
.get("/secure-endpoint");
System.out.println("Response Code: " + response.getStatusCode());
System.out.println("Response Body: " + response.getBody().asString());
}
}