I’m trying to move my API tests from Postman into Katalon Studio, and I’m really confused. I have my first request, POST /login, which works fine and gives me a long access_token in the response body.
In Postman, I usually just copy-paste that token into the “Auth” tab of my next request, or use a script to save it. But in Katalon, I have no idea how to “grab” that piece of text from the first response and shove it into the Authorization header of my GET /profile request.
I tried looking at the “HTTP Header” tab in the Object Repository, but it’s just a static table. Do I have to manually update the token every time I run the test? That seems impossible for a long test suite. How do I make the second request wait for the first one and then use its token automatically?
in the GET Profile test object, add an Authorization header with value ${authToken}. The variable binding in findTestObject maps directly into that header template. Define authToken as a GlobalVariable in your profiles (empty string is fine); the script overwrites it at runtime
Transitioning from Postman to Katalon requires understanding Global Variables and Object Parameterization. In a professional framework, we never “hardcode” or manually paste tokens. Instead, we treat the token as a dynamic property of the Web Service Object.
The workflow involves:
Parsing the JSON response of the login call.
Storing the token in a variable (Global or Local).
Injecting that variable into the Header of subsequent requests using the ${variable} syntax.
The Solution: Response Parsing & Header Parameterization
Step 1: Parameterize the Header Open your GET /profile object in the Object Repository. Under the HTTP Header tab, set the value for Authorization to: Bearer ${token}
Step 2: Parse the Login Response In your Test Case, you need to extract the token from the response object using JsonSlurper.
Custom Keyword Helper
To keep your test cases clean, use this keyword to extract values from any JSON response body quickly.
Groovy
import com.kms.katalon.core.annotation.Keyword
import com.kms.katalon.core.testobject.ResponseObject
import groovy.json.JsonSlurper
class ApiHelper {
/**
* Extracts a value from a JSON response body based on a key
* @param response The ResponseObject from a WS.sendRequest call
* @param key The JSON key (e.g., "access_token")
* @return The string value of the token
*/
@Keyword
def getValueFromJsonResponse(ResponseObject response, String key) {
JsonSlurper slurper = new JsonSlurper()
Map parsedJson = slurper.parseText(response.getResponseText())
return parsedJson.get(key)
}
}
How to use it in your Script:
Groovy
// 1. Send Login Request
def loginResponse = WS.sendRequest(findTestObject('Object Repository/API/Login'))
// 2. Extract Token using our Keyword
def authToken = CustomKeywords.'ApiHelper.getValueFromJsonResponse'(loginResponse, 'access_token')
// 3. Send next request, passing the token into the 'token' parameter we defined in the Repository
def profileResponse = WS.sendRequest(findTestObject('Object Repository/API/GetProfile', [('token') : authToken]))
// 4. Verify Success
WS.verifyResponseStatusCode(profileResponse, 200)
Architect’s Tip: For larger projects, store the token in GlobalVariable.accessToken. This allows any test case in your suite to access the current session without re-authenticating for every single script.
Are you dealing with a standard JSON response, or does your API use a more complex structure (like nested objects) for the token?
Katalon headers look static in Object Repository, but you can parameterize them. In your GET /profile request, set Authorization to Bearer ${authToken}. In the test case, send the login request first, parse the JSON with JsonSlurper, store access_token into a GlobalVariable (or local variable), then call GET /profile using findTestObject('GET Profile', [('authToken'): token]). Katalon runs steps sequentially, so the second request naturally executes after the first.