How to Load Test OAuth secured APIs with k6?

Most systems are designed to treat users differently based on their identity. Therefore, users are authenticated via various mechanisms and it's often equally important to test the performance of anonymous and authenticated endpoints. One of the most widespread authentication standards used by today's applications is OAuth.

This is a companion discussion topic for the original entry at

Is there a secure way to store all the secrets and IDs in k6?
I’m thinking from a local testing perspective a user has to provide all the params to get a token.


Hey @catalintomescu,

if you use k6 to run a test locally, you can make use of environment variables, instead of hard-coded strings.