You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First of all, thanks for your work on the BFF token pattern. That's really cool and I learnt a lot from your repos.
Currently, I use this kind of pattern and the code is nearly the same as the code in this repo. Everything works very well. But now, the team need to work on k6 for load testing (API and web components). I can handle it by recording the flow for Microsoft Entra External ID, but it might be cumbersome and unstable (let's say we enable 2FA or customise authentication flow on CIAM, and the k6 script needs to be modified by adding more steps).
In the documents of k6, there are only a few options like HTTP auth, and token with OAuth 2.0.. In the past, when we did this with k6, we used OAuth 2.0 auth (authorisation code flow + pkce on SPA), and then it was quite easy to follow the guidance on the k6 document, and we could run headless mode and put it run on CI/CD.
My question is if we still use k6, then any approach based on your experience to make this kind of loading testing (or integration testing possibly)? Hope to hear your opinion.
The text was updated successfully, but these errors were encountered:
First of all, thanks for your work on the BFF token pattern. That's really cool and I learnt a lot from your repos.
Currently, I use this kind of pattern and the code is nearly the same as the code in this repo. Everything works very well. But now, the team need to work on k6 for load testing (API and web components). I can handle it by recording the flow for Microsoft Entra External ID, but it might be cumbersome and unstable (let's say we enable 2FA or customise authentication flow on CIAM, and the k6 script needs to be modified by adding more steps).
In the documents of k6, there are only a few options like HTTP auth, and token with OAuth 2.0.. In the past, when we did this with k6, we used OAuth 2.0 auth (authorisation code flow + pkce on SPA), and then it was quite easy to follow the guidance on the k6 document, and we could run headless mode and put it run on CI/CD.
My question is if we still use k6, then any approach based on your experience to make this kind of loading testing (or integration testing possibly)? Hope to hear your opinion.
The text was updated successfully, but these errors were encountered: