Skip to Content

Test POST request to Gateway with SoapUI

This blog describes how to make POST calls containing CSRF tokens to Gateway using SoapUI.

The testcase contains 3 steps, and a property named CSRF,


Check field “Maintain HTTP session” under testcase options, this will make sure that the cookies set in the GET request are reused in the POST request,

TestCase Options.png

1: Get CSRF

This will fetch the token via a GET request, add header “X-CSRF-Token” and value “Fetch”

Get CSRF.png

2: Groovy Script

The script will take the token from the GET request and store it in the testcase “CSRF” property


def headerValue = testRunner.testCase.getTestStepByName(“Get CSRF”).httpRequest.response.responseHeaders[“x-csrf-token”]; headerValue[0] );

testRunner.testCase.setPropertyValue( “CSRF”, headerValue[0] );


The actual request using the token, add header “X-CSRF-Token” with value “${#TestCase#CSRF}”, set content type according to input data


You must be Logged on to comment or reply to a post.