If you’ve spent any time load testing APIs with JMeter, you’ve probably run into this problem: your script works perfectly on the first request, then falls apart on the second. Nine times out of ten, the culprit is a dynamic value — something like a session token or request ID that the server generates fresh on every call. Miss it, and your whole test goes sideways.

That’s where JMeter correlation comes in. It lets you grab those dynamic values straight from server responses and feed them into the next request automatically. This guide walks through exactly how that works — specifically using the JSON Extractor and RegEx Extractor, the two tools you’ll reach for most often.

What is Correlation in JMeter

Think of correlation as a relay race. The first request crosses the finish line and hands a baton — a session ID, auth token, whatever the server gave back — to the next request. Without that handoff, the second runner starts with nothing and the whole race breaks down.

Web applications constantly spin up fresh session tokens, CSRF values, and unique parameters. When you’re replaying a recorded script, those hardcoded values are already stale. Correlation fixes that by picking the live value out of each response and wiring it into the request that follows.

In practical terms, here’s what the process looks like inside JMeter:

• Spot values in server responses are dynamic and Pull them out using a post-processor (JSON Extractor or RegEx Extractor)
• Store the extracted value in a JMeter variable
• Reference that variable in later requests using ${variableName}

JMeter gives you two main extractors for this job. Which one you use mostly depends on what the response looks like — JSON APIs call for the JSON Extractor, while HTML, XML, and everything else is often easier to handle with RegEx.

RegEx Extractor in JMeter

The RegEx Extractor is the more versatile of the two. It uses regular expressions to pull data out of almost any response format — HTML, XML, JSON, plain text, you name it. If the JSON Extractor can’t quite reach the value you need, the RegEx Extractor usually can.

How RegEx Extractor Works

• JMeter scans the response body, headers, or URL (your choice)
• Runs your regular expression against that text
• Grabs whichever capturing group you specified
• Drops the match into a variable for later use

Using Extracted Token (${token}) in Login Request

Setting Up RegEx Extractor

Add the extractor as a child element directly under the HTTP Request sampler you want to capture from. Then fill in these fields:

• Reference Name — the variable name your extracted value gets stored under
• Regular Expression — your pattern, with capturing groups in parentheses
• Template — usually $1$ to grab the first group
• Match Number — use 1 for the first match, or -1 to collect them all
• Default Value — what to fall back on if the pattern finds nothing

Capturing Dynamic Token Using RegEx Extractor in JMeter

Tips for Using RegEx Extractor

• Always test your patterns somewhere like Regex101 before dropping them into JMeter — it saves a lot of head-scratching later
• Prefer non-greedy quantifiers like .+? or .*? so you don’t accidentally scoop up more than you intended
• Pay attention to encoding and line endings in the response; they’re a surprisingly common source of match failures

Real API Example Using Correlation in JMeter

Let’s make this concrete. Here’s a realistic scenario you might encounter: you’re testing an API that first authenticates, then uses the returned token for every subsequent call, and eventually needs a session ID extracted from an HTML page.

Scenario

You need to test an API that works like this:

1. User logs in; the server responds with a JSON token
2. That token gets passed in the header of the next request
3. A later request returns a session ID buried in an HTML response
4. The final request needs that session ID to go through

Step 1: Authenticate and Extract Token

Start by adding an HTTP Request sampler to your Thread Group:

• Right-click Thread Group → Add → Sampler → HTTP Request
• Name it Login

Configure it like this:

Method: POST

URL: /api/auth/login

Server Name: your domain (e.g., localhost)

Under Body Data, switch to Raw and set the content type to JSON. Paste in your login payload there.

Add an HTTP Header Manager under the same sampler (right-click → Add → Config Element → HTTP Header Manager) and add the header Content-Type: application/json.

Step 2: Add Regular Expression Extractor (Capture Token)

Right-click the Login sampler and go to Add → Post Processor → Regular Expression Extractor. Set it up as follows:

Name: Extract Token

Apply to: Main sample only

Field to check: Body

Reference Name: token

Regular Expression: :token=\”&quot(.*?)"\”

Creating Variable for Regular Expression

Using Extracted Token (${token}) in Login Request

JSON Extractor in JMeter

For APIs that return JSON — which is most of them these days — the JSON Extractor is usually the cleaner option. Rather than writing a regex, you use a JSONPath expression to navigate directly to the value you want.

How JSON Extractor Works

• Reads the full JSON response body
• Evaluates your JSONPath expression against it
• Stores whatever it finds into a JMeter variable
• You reference that variable downstream using ${variableName}

Setting Up JSON Extractor

Add the JSON Extractor as a child of the relevant HTTP Request sampler, then configure:

• Name of created variable: the variable name you’ll use to reference the extracted value
• JSON Path expressions: the JSONPath pointing to your target value
• Match Numbers: 1 for the first result, -1 for all matches
• Default Value: what to use if the expression finds nothing

Example

Say the login response includes a file ID you need for the next call. You’d configure it like this:

Name of created variable: fileid

JSON Path expression: $.Fileid

Benefits of This Approach

• Test scripts stay dynamic, so they don’t break when tokens rotate
• The simulated traffic actually looks like real user sessions
• You stop chasing flaky failures caused by stale or missing values

Between the JSON Extractor and the RegEx Extractor, you have solid coverage for almost any response format you’ll encounter. The JSON Extractor is usually faster to set up when you’re working with modern APIs; RegEx is your backup when the response is messier or not strictly JSON.

One habit worth building: always verify your extracted values during development. Run the test in debug mode, add a Debug Sampler, and confirm the variable is actually being populated. It’s the kind of thing that saves you from debugging a test that looks like it’s working but isn’t. Once you have it nailed down, you’ll wonder how you ever wrote JMeter scripts without it.