I want to loop through different sets of credentials against a single request in the collection runner for Postman API Testing, but I'm not sure how best to dynamically set the credentials for each iteration?
Related
I am using the amazon-cognito-identity-js library in express/node backend to handle all authentication. Basically when I try to log in on my front end, it logs me in and persists the state without ever storing tokens in localstorage. Is this happening because I implemented the library in the backend, so all the session data is being stored on the server? I don't pass tokens from the backend to the frtontend. Is it a good approach? I understand this library was meant for frontend but it seems like it is working in the backend too?
I'm not sure how you have implemented this in the backend. Doesn't it just overwrite sessions as multiple users log in? This is why it was designed to be implemented on the front end. If you want your backend to handle authentication then you are passing credentials to you backend which might not be a good idea. But if you still want to go with this approach then you can write an API that accepts credentials and returns tokens. Do it without sdk and don't store any tokens. On front end you can store tokens in localstorage if you want.
I have created postman collection for unit testing of APIs.
I need to handle below scenario.
My second API generates OTP and sends it over email but its not part of response.
I want to pass that OTP in request body of 3rd API.
I am executing postman collection using Collection Runner.
Is there any way I can pause the execution and set this environment variable and then resume.
Or any other better option. Please suggest.
There is a way to do it but it require some knowledge of server side technologies ( for example Spring boot). you can create a new api which is kind of wrapper over your OTP api and it will read the OTP from either your mail/DB and send it as a part of Http response and then you can use that wrapper API in your Postman collection to fetch the OTP and then save it as a env variable and use it in further apis. I am also doing the same way.
I have my web application. Now i want to integrate salesforce into my web app so that i can push data from my app to any salesforce org after the authentication(OAuth).
I found 2 ways:
1. Connected Apps
2. via wsdl generation file and use
I created a connected app from my developer account and i authenticated using consumer key, cusumer secret key(from my connected app) and username of user and secret token of the user account.
I tried with another free trail account, It's validating and fetching the details and post data also working.
My question is, shall i deploy my connected app into app exchange, then only i caan use REST APIs ?
generating wsdl and coding around is the better option than the above ?
Is there a option, only one time authentication enough for any number of sessions and use the REST APIs?
Please suggest me a best way to proceed.
You're mixing up a couple of independent issues here.
If you're going to authenticate via OAuth, you must have a Connected App.
A SOAP API login() call requires you to store a username and password, which is undesirable.
There is no way to "permanently" authenticate, i.e., to get a session id that never expires. Your app must always be ready to get a new access token via the OAuth refresh token it obtains and stores (via, for example, the Web Server OAuth flow), or to reauthenticate via JWT flow.
Connected Apps are global metadata in most cases. You don't need to deploy a Connected App into a target org in order to authenticate using its Client Id and Secret into that org. The only exception I'm aware of is if you want to use the JWT flow with a certificate and preauthorized Profiles and Permission Sets.
Based on what you've shared, I don't see any reason for the AppExchange to be involved.
I'm using Nativescript with AWS Amplify to login to AWS AppSync.
The session stored by Amplify is cleared after app refresh. I get no user from Auth.currentSession() after app refresh.
However, I store the jwt from login and can access endpoints manually by passing that in header.
I would like to use this to make Amplify believe that a user is logged in to use it in other parts of the application.
Is there a way to manually set credentials to use all the functionality of Amplify?
And how is successful login handled? How can I emulate the behaviour after successful login to set current session credentials manually?
There is no possible way to this this as of now, however according to this and this issue on github, they have acknowledged this as a feature-request and are probably working on this.
The solution to my problem was to use the nativescript-localstorage module and assign global["storage"] to this module.
import * as storage from "nativescript-localstorage"
global["storage"] = storage;
I want to send a http request to a webservice ,which I implemented earlier, that need the user to be login. Now, I implemented a form page that do this for me and I need to change it for every different request.
As far as I know, Django need "csrftoken" and "sessionid" to allow requests. Unfortunately, I can not figure out how to add this two field to Postman client and interact with my Django services.
Postman receives cookies from chrome and you can retrieve them using the Postman interception plugin.
See here
Now after installing the plugin :
Create a new environment so environment variables can be stored
Create a method with a test to store the XSRF cookie value in an environment variable, in the test tab post this code
var token = postman.getResponseCookie("XSRF");
postman.setEnvironmentVariable("xsrf-token", token .value);
Now you will have an environment variable with xsrf-token in it.
Save your method
Create the new post and add XSRF-Token-Header Key in the header.
Access the token value with {{xsrf-token}}
Now before running your new request make sure you run the method, so that it can store the environment variable, and then when you run the actual request it will append its value in the header.
You can also refer this post.
Just in case : For ajax requests you can refer to the django docs