[Postman] Set access token as good as senior

Tram Ho

1. Set the problem:

  • In the last 3 years I have worked on 4 projects. All four projects use jwt tokens for authentication. It can be seen that the jwt token is really popular. Today I write a mini blog to share some experience on how to configure postman with jwt token so that you can work more professionally and effectively.
  • Flow authenticates with client-side jwt token:
    1. Post API login
    2. Get tokens
    3. Store token in client
    4. All APIs with auth -> set header Authcation = Bearer + token
  • You are a BE developer or tester.
  • If you want to test the API, you have to do the above procedure -> Open postman and try

2. Made with rice:

  • Write api login
  • Get tokens like this
  • Then Ctrl + C
  • And Ctrl + V in the Authcation header of the API you want to test
  • So if you want to test 20 APIs, you have to copy and paste 20 times. -> It’s too much of a chicken

3. Same as rice, but a little better:

  • Create a variable ( global) acccessToken
  • Setting header for all APIs, Authcation = “Bearer {{acccessToken}}”
  • Call the login api
  • Copy the token and paste it into the acccessToken variable
  • Just call the login API once, and paste it once, more please 👋👋👋👋

4. Automatic execution

  • Automatically, after you call login, postman will automatically copy the token and paste it into the header.
  • For implementation, add the following script to the Tests . section

  • Now you need to make 1 login before you want to test the api. I don’t know if it can be better, but I’m still lazy

5 Super Auto:

  • Add pre-script to set token before making API call.

  • So now you don’t need to care about the jwt authentication process anymore, just go in and do it, feel free to be lazy 👏👏👏
  • Chotot ‘s postman file, you can use it by changing your phone and password.
  • Or practice on the project api I’m working on.


Share the news now

Source : Viblo