This is great, as now we’ll be able to make request without manually pasting the token. We can confirm it works by running the request again and then clicking on the top right eye icon (Quick look environment variables). This easy 2 liner gets the response and sets it to our env variable. json () // set Authorization to the jwt token pm. To do so, select the “Tests” tab and type this: We now want to extract this token from the response and assign it to our other env variable, Authorization. This is of course the least secure of the APIs since we’re not even passing an email password combination, but that’s ok for a test server! Once the url is typed we send the request and sure enough, we have our token back. Postman will confirm URL is defined while we type via and autocomplete popup. This means that localhost:3000/auth will become /auth. We want to hit localhost:3000/auth, but instead of hardcoding the host we will use the environment variable we just created, by replacing localhost:3000 with ``. Save the values and select the newly created environment from the “Environments” dropdown on the top right of the UI.Ĭreate a new request by typing the endpoint we want to hit into the main input field. With this setup we can start hitting the auth endpoint and make use of our first variable in Postman. In the picture I added an initial value of localhost:3000 for URL, since I am running my server locally at first, while I left the auth field blank. Open Postman and click on the cog on the top right section of the UI.Ĭhoose a unique name for your project, and fill in 2 variables, URL and Authorization. If you want to follow along and try all the steps below you can clone this repo, follow the instructions in the readme to install and test every command against this test api. Let’s see how we can avoid this manual setup thanks to Postman.Īs you will see, environments are a very powerful feature to stay organised in Postman and to make our workflow much faster and portable. Moreover, every time our token expires, we will have to repeat the process of hitting the auth endpoint, and copying our new token. While this works, it becomes tedious quickly as we will need to paste the token in every new tab we create on Postman. We would then be able to paste this token as a header for future requests, such as the above example to request the list of users. The easiest way to do that is to first hit our authentication endpoint (for instance passing a username and password, inspect the response on the Postman UI and manually copy this token. To accomplish this a client may expect to pass a token as part of the request, say as an entry in the headers in the form of a JWT token. The server expects the user that performs the call to be authenticated to make this call. Say, for example, that we are hitting to retrieve a list of users that are registered on our platform. One of the most common cases is having to hit an endpoint that requires some sort of authentication. This will make it easier to understand why and when environments are useful. Life without Postman environmentsīefore explaining what an environment is in the context of Postman, I’d like to list a couple of the most common scenarios I face when working with an API. One of my favourite aspects of working with Postman is its environments feature. At the same time, devoting a little effort in learning some of its best features can quickly boost our productivity and development speed. Thank you for reading.Postman is one my favourite tools at work to test APIs.Įven at a simple level Postman easily becomes invaluable. I hope this post was useful and has shortened your API testing time. □ To use the JWT on protected routes, follow the highlighted points.įinally, if you open the headers tab, you will notice that the Authorization values are automatically prefilled. If you open the environment quick look section, the new JWT token should be listed as one of the variables. □ Try the request again, everything should still work □ Following that, we set our JWT against the response token. □ Hover over the baseUrl to see the URL referenced from the environment variables. □ Change the Environment to the newly set one and also the baseUrl in two curly brackets □ Set the name of the Environment, the base URL, and click the save button □ Select the Environment quick look option. Let's create an environment that allows us to change the context of our requests. The blog post explains how to reuse JSON web tokens in Postman, which will speed up your API Testing experience. Working with APIs, particularly those that use the JWT model for authentication, can be challenging because it requires copying and pasting the Bearer token into the Authorization headers.
0 Comments
Leave a Reply. |