API auth profiles: Bearer, Basic, and API-Key
Tags: api, auth, bearer, basic, apikey, headers, rest, openapi, swagger, endpoint, contract
What it is Auth Profiles store reusable authentication strategies (Bearer, Basic, API-Key) for API testing without hardcoding per request. Why it’s needed - Teams test multiple environments with different credentials/tokens. - Hardcoding secrets in suites is a security risk. - Reusable profiles reduce configuration mistakes. Benefits - Safer reuse of auth approaches across scenarios. - Faster setup for new endpoints/environments. - Reduced leakage risk when combined with enterprise secret handling. How to use it in WebSureQTool Create an auth profile type (Bearer, Basic, API-Key). Bind the auth profile to an environment or scenario. Avoid embedding long-lived secrets directly in datasets unless policy allows it. Rotate credentials/tokens as required by your security team.