Hopefully, going thru this sample test case you will find the answer
import static com.kms.katalon.core.checkpoint.CheckpointFactory.findCheckpointimport static com.kms.katalon.core.testcase.TestCaseFactory.findTestCaseimport static com.kms.katalon.core.testdata.TestDataFactory.findTestDataimport static com.kms.katalon.core.testobject.ObjectRepository.findTestObjectimport com.kms.katalon.core.checkpoint.Checkpoint as Checkpointimport com.kms.katalon.core.checkpoint.CheckpointFactory as CheckpointFactoryimport com.kms.katalon.core.mobile.keyword.MobileBuiltInKeywords as MobileBuiltInKeywordsimport com.kms.katalon.core.mobile.keyword.MobileBuiltInKeywords as Mobileimport com.kms.katalon.core.model.FailureHandling as FailureHandlingimport com.kms.katalon.core.testcase.TestCase as TestCaseimport com.kms.katalon.core.testcase.TestCaseFactory as TestCaseFactoryimport com.kms.katalon.core.testdata.TestData as TestDataimport com.kms.katalon.core.testdata.TestDataFactory as TestDataFactoryimport com.kms.katalon.core.testobject.ConditionTypeimport com.kms.katalon.core.testobject.ObjectRepository as ObjectRepositoryimport com.kms.katalon.core.testobject.RequestObjectimport com.kms.katalon.core.testobject.ResponseObjectimport com.kms.katalon.core.testobject.TestObject as TestObjectimport com.kms.katalon.core.testobject.TestObjectPropertyimport com.kms.katalon.core.webservice.keyword.WSBuiltInKeywords as WSBuiltInKeywordsimport com.kms.katalon.core.webservice.keyword.WSBuiltInKeywords as WSimport com.kms.katalon.core.webui.keyword.WebUiBuiltInKeywords as WebUiBuiltInKeywordsimport com.kms.katalon.core.webui.keyword.WebUiBuiltInKeywords as WebUIimport internal.GlobalVariable as GlobalVariable// FIRST STEP// load test request object which will do the login step and retrieve the token for later usagesRequestObject getTokenTestObject = findTestObject('Auth/Get User Token')// current value: { username: '_username_', password: '_password_'}// suppose that _username_ and _password_ are the invalid values and you want to change on runtimebody = getTokenTestObject.getHttpBody().replace("_username_", "valid username").replace("_password_", "valid password")// You might use Test Case variable or Global variable to store the user credentials// update back the HTTP request bodygetTokenTestObject.setHttpBody(body)ResponseObject responseTokenObject = WS.sendRequest(getTokenTestObject)// suppose that the responseTokenObject.getResponseText() is { accessToken: "xxx", expiredTime: "yyy" }// use groovy.json.JsonSlurper to parse the text into objectdef tokenObject = new groovy.json.JsonSlurper().parseText(responseTokenObject.getResponseText())// get the retrieved tokentoken = tokenObject.accessToken// SECOND STEP// load test request object which will use token above in AuthorizationRequestObject getUserInfoTestObject = findTestObject('Auth/Get User Info')// if getUserInfoTestObject HTTP headers have no Authorization itemgetUserInfoTestObject.getHttpHeaderProperties().add(new TestObjectProperty("Authorization", ConditionType.EQUALS, "Bearer " + token))// Otherwise, you need to go through the getUserInfoTestObject.getHttpHeaderProperties() and replace the value of Authorization header//for (TestObjectProperty header: getUserInfoTestObject.getHttpHeaderProperties()) {// if ("Authorization".equals(header.getName())) {// header.setValue("Bearer " + token);// break;// }//}WS.sendRequest(getUserInfoTestObject)