I have little experience in using JMeter, so my sincere apologies if I'm missing something totally obvious here.
However, I get a 401 each time I try to make an HTTP Request in which a query is send to the server, the request looks as follows:
{"action":"retrieve_by_query","params": {"queryId":"DkWjkFD27UKYSz9ytWW5ew","constraint":"","context":"37154696925809628","options":{"sort":[["DCM.TaskInstance_TaskCategoryInstance/DCM.TaskCategoryInstance/DCM.TaskCategoryInstance_TaskCategory/DCM.TaskCategory/OrderNumber","desc"],["HasMessages","desc"]],"offset":0,"amount":100}},"profiledata":{"1584961703745-131":51,"1584961703743-130":58,"1584961703774-133":106,"1584961703773-132":221}}
And the response data is as follows:
HTTP/1.1 401 Unauthorized
Cache-Control: no-store
Server: nginx
Set-Cookie: ARRAffinity=3769bc7afaf737a4a03d956ebdfc5742c39a3f6232952e26cf18d2da49b83c1e;Path=/;HttpOnly;Domain=****-t.****-ta.p.azurewebsites.net
Date: Mon, 23 Mar 2020 14:13:32 GMT
Content-Length: 0
I already tried to make the request message correspond with the stream that I checked with Fiddler, however this didn't bring me much further.
The protocol used to communicate between the client and server in a Mendix app is quite complicated because the server-side is stateless. Before sending your request to the server, you need to make sure the client (JMeter in this case) is authenticated. So to build a successful JMeter script, you would have to record and replay the whole sequence of communication, from authentication to the query you want to check. This approach is quite time-consuming.
The official position here is that this type of testing should be done using a selenium based solution.
The documentation referenced in the earlier answer details the authentication for API's exposed by the Mendix platform, not the authentication between the client and server.