Batch Edit Authorization Type

I just imported my OAS 2.0 spec to Postman and it created a collection. All of the requests have an authorization type of “No Auth”. I’d like to change them all to “Bearer Token” without editing every request.

Hey @joshua,

Have you tried adding the Authorization at the Collection level?

https://learning.getpostman.com/docs/postman/sending_api_requests/authorization/#inherit-auth-from-parent

Yeah, but all of them are currently set to No Auth which is the default. I wish the default was inherit from parent.

If you set the Authorization at the Collection level to be Bearer Token and handle the Auth from there, the requests should pick that up.

Do you give it a go?

I did that. When I imported the OAS file it set all of them to No Auth. That’s the default according to the documentation. I changed the collection to Bearer Token. Did not change all of the requests to Inherit from parent or Bearer Token.

You can export the collection, the exported collection is a JSON format.

Then you can open the exported collection.json file in an IDE (for eg. VSCode), and you’ll see that each request has a property called auth.

image

Just find all (VSCode lets you do a multiline find and replace) and delete the entire auth object, and then import the collection back into Postman, now all the requests will be inheriting from the parent (i.e collection in this case)

4 Likes

This workaround no longer appears to work.

If I remove the auth property from the request my request continues to have the auth property.

I created a simple collection with one get endpoint. The collection auth is set to OAuth2 and the request is originally set to noauth. This behavior happens when I create a collection from an api schema.

using GET /collections/:collectionId I receive:

{
    "collection": {
        "info": {
            "_postman_id": "b2346a78-65c2-428b-a7cf-14ec384e520e",
            "name": "AuthTest",
            "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
        },
        "item": [
            {
                "name": "get with auth",
                "id": "a2464652-85ad-4b45-ab00-8e25c64e2e80",
                "protocolProfileBehavior": {
                    "disableBodyPruning": true
                },
                "request": {
                    "auth": {
                        "type": "noauth"
                    },
                    "method": "GET",
                    "header": [],
                    "url": {
                        "raw": "https://example.com/path",
                        "protocol": "https",
                        "host": [
                            "example",
                            "com"
                        ],
                        "path": [
                            "path"
                        ]
                    }
                },
                "response": []
            }
        ],
        "auth": {
            "type": "oauth2",
            "oauth2": [
                {
                    "key": "addTokenTo",
                    "value": "header",
                    "type": "string"
                }
            ]
        },
        "event": [
            {
                "listen": "prerequest",
                "script": {
                    "id": "31d30429-ada1-4e40-90b4-1a8d99945aa8",
                    "type": "text/javascript",
                    "exec": [
                        ""
                    ]
                }
            },
            {
                "listen": "test",
                "script": {
                    "id": "28e72b7d-872f-4061-89d4-307a2cbbb59a",
                    "type": "text/javascript",
                    "exec": [
                        ""
                    ]
                }
            }
        ]
    }
}

Editing the request and sending the following body to PUT /collections/:collectionId

{
    "collection": {
        "info": {
            "_postman_id": "b2346a78-65c2-428b-a7cf-14ec384e520e",
            "name": "AuthTest",
            "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
        },
        "item": [
            {
                "name": "get with auth",
                "id": "a2464652-85ad-4b45-ab00-8e25c64e2e80",
                "protocolProfileBehavior": {
                    "disableBodyPruning": true
                },
                "request": {
                    "method": "GET",
                    "header": [],
                    "url": {
                        "raw": "https://example.com/path",
                        "protocol": "https",
                        "host": [
                            "example",
                            "com"
                        ],
                        "path": [
                            "path"
                        ]
                    }
                },
                "response": []
            }
        ],
        "auth": {
            "type": "oauth2",
            "oauth2": [
                {
                    "key": "addTokenTo",
                    "value": "header",
                    "type": "string"
                }
            ]
        },
        "event": [
            {
                "listen": "prerequest",
                "script": {
                    "id": "31d30429-ada1-4e40-90b4-1a8d99945aa8",
                    "type": "text/javascript",
                    "exec": [
                        ""
                    ]
                }
            },
            {
                "listen": "test",
                "script": {
                    "id": "28e72b7d-872f-4061-89d4-307a2cbbb59a",
                    "type": "text/javascript",
                    "exec": [
                        ""
                    ]
                }
            }
        ]
    }
}

I get a success response. However, making another GET /collections/:collectionId returns the original body with the request object having the auth set to noauth.

I can find no way of removing the auth property once it exists on a request object using the PUT endpoint for the collection. Is there any way to remove the auth property or set the property to inherit from parent? Using the postman client and setting the endpoint to Inherit from parent does the right thing but I want to do it via the API not using the client.

Thanks,
Rob