Api calls succeed in Runner but fail when run manually

Hoping someone has some debugging tips\ideas here: a handful of calls which used to run successfully, now fail with 403s when run manually. This would seem straight forward to debug except when running this collection in Runner, all tests pass with 200’s.

Viewing logs on our server show that for the failures, our session_id (part of our auth scheme) isn’t passed when run manually, but is passed when run in Runner.

Has Postman’s handling of cookies changed recently? Any other ideas?


  • Ryan

@rharmaning I am not 100% sure but I am guessing this might be because of a recent issue regarding the ability to store secure cookies in the app.
This issue is being actively tracked here https://github.com/postmanlabs/postman-app-support/issues/4581

When using runner the secure cookies created by sending one request will be stored in memory and will be used in the next request. While doing in manually it will try to save the cookie which would fail.

The fix for this is already pushed on the canary build which you can get from https://www.getpostman.com/canary

1 Like

@postman-harryi3t - appears to be fixed in the canary build! Thanks for the response and explanation of cookie-handling - that additional insight is helpful!

On a similar note, is there a way to pass a cookie to the next url in a PHP CURL script?

In Postman, it’s done automatically; when I login to a remote login.asp, I clearly see the cookie


and when I goto the next page to do a search with x-www-form-urlencoded, it works to bring in the body of the html text, in Postman.

However, when I use PHP CURL, there is an error. I can successfully grab the cookie from the login page:

// execute!
$response = curl_exec($ch);

// get cookie
// multi-cookie variant contributed by @Combuster in comments
preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $response, $matches);
$cookies = array();
foreach($matches[1] as $item) {
    parse_str($item, $cookie);
    $cookies = array_merge($cookies, $cookie);
$cookieArr = [];

foreach ($cookies as $key => $value) {
	$cookieArr[$key] = $value;

but when I try to pass the cookie to the search page, it fails:

    $ccokie = $cookieKey.'='.$cookieValue;  //  ASPSESSIONIDCWQCTSBR = ENCJPGFCBCDDLAFEOCPIAJDH
curl_setopt($ch, CURLOPT_COOKIE, $ccokie);

It gives me a redirect in the header, like I didn’t enter the proper parameters:

reponse:HTTP/1.1 100 Continue HTTP/1.1 302 Object moved Cache-Control: no-cache Pragma: no-cache Content-Length: 130 Content-Type: text/html Expires: Sun, 10 Mar 2019 14:58:49 GMT Location: login.asp Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Sun, 10 Mar 2019 14:59:48 GMT

It is not a search issue since that would provide an improper search text in the body of the html if that were the case:

        <b>There was a problem processing your search request</b>
        <br>You must select at least one account to search.

But it just tries to redirect me to the login page again:
# Object Moved
This object may be found here.

Any ideas on where this is going wrong in PHP CURL?

Many thanks,