Need help to handle Authorize request for PowerBI web application

Question

Tried to record PowerBI application using Neoload/Jmeter and found that this request https://login.microsoftonline.com/common/oauth2/v2.0/authorize have many request paramaetrs like below.

I was able to co-relate only client-id from the home page URl and I don't find other request parameters in home page URL response. The authorize request should give some "signin#code=" in response, which is passed in token request to generate bearer token value.

When I send the authorize request with all recorded request parameters, it is not giving correct response. How to handle the request parameters in authorize request,to get the right response? Do I need to pass all request parameters, if so, from where I can get the values for Clint_request_id, code_challenge, nonce, state, sso_nonce, mscrid etc?

Answer 1

Power BI does not support, and actively discourages, interacting with the Power BI portal application through raw HTTP requests. Please use a load testing tool that automates use of a supported web browser instead. Eg Power BI Dedicated Capacity Load Assessment Tool

Answer 2

1. Some values like client_id are hard-coded
2. Some values like nonce are just random strings or GUIDs so they can be generated using relevant JMeter Functions
3. Some values like state should be extracted from the previous responses using suitable JMeter Post-Processors.

You can check out https://github.com/aboyfromipanema/jmeter-oauth/blob/main/atlassian-microsoft-oauth.jmx example test plan which bypasses Microsoft OAuth2 challenge, most probably you will need to amend it according to your needs but you should get the overall idea from there