Maintain State Between HTTP Requests to Keycloak in JMeter

Question

So I am trying to automate a JMeter script that creates Keycloak users and then signs them in.

First It GETs the login page and stores the code, here is an example request:

GET http://Keycloak.com:8001//auth/realms/REALM/protocol/openid-connect/auth?response_type=code&client_id=CLIENT&scope=openid%20profile%20email&nonce=N5b3a2da23c04a&response_mode=form_post&resource=RESOURCE&state=2SJwtlVZrswlGkw&redirect_uri=REDIRECTURI

However, when I then GET the registration page, the code changes and the tab_id also changes. How can I keep keycloak from generating a new code token with every HTTP request in a thread?

In addition, why is each HTTP request with JMeter acting like a new session instead of the next request in a series?

---

EDIT:

I am using Regular Expression Extractors in order to track the code and execution variables, in addition to using a HTTP Cookie Manager and HTTP Cache Manager for the thread.

Looking at my POST request, both variables are the same as those from the previous HTTP request, and all of my cookies are being maintained, yet every time I try this automated login, I get a 400 error and the keycloak event log displays an invalid_code error.

---

Edit: As requested here is a screenshot of all my sign in requests

Answer 1

Most probably your Regular Expression Extractor is not nested in the HTTP Request you are trying to extract data from.

If its scope is too wide, it applies to all HTTP Requests, so first time it succeeds extracting, but then for the next request that does not contain the token, the extractor runs and overwrites the old value by an empty one.

See scoping rules in JMeter:

• https://jmeter.apache.org/usermanual/test_plan.html#scoping_rules

Answer 2

You need to maintain the corelation between hits. Please go through below blog

https://www.blazemeter.com/blog/how-to-handle-correlation-in-jmeter