two level authentication test

the app we have has two levels of authentication. First it authorizes user with a Basic token. This authentication generates bearer token (session specific). The user can use this bearer token to various transactions in the app.

Flows:

user authentication at auth.xxxx.com with Basic token
user then redirected to api.xxx.com to do various transactions - uses bearer token generated from 1

I am not understanding how I could use basic / bearer session token any tools available, I have tried it in PostMan and HP's UFT.

The situation aptly described here from a developer standpoint: How to implement two level authentication in a RESTful API?

Solution

I had to capture the passKey using Json Extractor and then use RegEx extractor to get bearer token. NO programming was required

Is there any way to set defaults in supertest?
How to run Get Kusto query using Rest API
Minimal API Results.Ok Not Returning Full Object
A REST API to echo same JSON data back for testing purposes
Laravel retrieving data from REST API
RESTful Soft Delete
How to integrate FitBit Api in IOS app using Swift
RESTful API HATEOAS
how to specify a range of data or multiple entities in a restful web-service
REST API design for non-CRUD actions, e.g. save, deploy, execute code
javax.ws.rs.ProcessingException: RESTEASY004655: Unable to invoke request
find user by name or email on Azure DevOps Server 2022.1
Should I use Singular or Plural name convention for REST resources?
file_get_contents(): SSL operation failed with code 1, Failed to enable crypto
REST API - Handling an empty body in PATCH
How can i get data from custom post type using WP REST API
Implementing custom methods of Spring Data repository and exposing them through REST
How do I submit requests to REST api in batches in SpringBoot?
increase python REST requests efficiancy
RestClientException: Could not extract response. no suitable HttpMessageConverter found
What is the real difference between an API and an microservice?
No connection could be made because the target machine actively refused it 127.0.0.1:3446
Which is better for Dynamic querying String Builder or string buffer?
Log REST-requests to file with unique request-id
HTTP method names: upper or lower case?
REST. Make order request
Correct use of files.getUploadURLExternal in Curl command line
Detect client connection drop using Jersey/Java
How to control exception while developing RESTful API with Java?
Django REST Framework Login