Bearer Token Automated

35627543884 · October 20, 2020, 5:48pm

My GET request needs the POST Bearer Token. However, every time I have to generate the Bearer Token in POST and copy and paste to GET. Is there a way to automate this test, please?

prabhumohan09 · October 20, 2020, 6:09pm

Hi @35627543884

In a simple way, You can get the token value from your post response and keep as a global environment variable. And use it for your GET request

refer more info: https://medium.com/@iroshan.du/set-bearer-token-as-environment-variable-in-postman-for-all-apis-13277e3ebd78

arnezelasko · December 7, 2022, 3:46pm

Interesting. But as far as i understand you need still run the auth request from time to time. Is there a possibility to configure that the gloabl bearer token is set automatically when i run a specific endpoint ?

michaelderekjones · December 8, 2022, 10:55am

@arnezelasko

Yes, but you’ll need to configure it as a pre-request script instead of using the in-built authentication. You can add this at the request level, the folder or collection. Whatever works best for you.

The following is an example of authenticating to Microsoft. It will check the expiry date on the token and only get a new token if the threshold has passed.

pm.test("Check for collectionVariables", function () {
    let vars = ['clientId', 'clientSecret', 'tenantId', 'username', 'password', 'scope'];
    vars.forEach(function (item, index, array) {
        console.log(item, index);
        pm.expect(pm.collectionVariables.get(item), item + " variable not set").to.not.be.undefined;
        pm.expect(pm.collectionVariables.get(item), item + " variable not set").to.not.be.empty; 
    });

    if (!pm.collectionVariables.get("bearerToken") || Date.now() > new Date(pm.collectionVariables.get("bearerTokenExpiresOn") * 1000)) {
        pm.sendRequest({
            url: 'https://login.microsoftonline.com/' + pm.collectionVariables.get("tenantId") + '/oauth2/v2.0/token',
            method: 'POST',
            header: 'Content-Type: application/x-www-form-urlencoded',
            body: {
                mode: 'urlencoded',
                urlencoded: [
                    { key: "client_id", value: pm.collectionVariables.get("clientId"), disabled: false },
                    { key: "scope", value: pm.collectionVariables.get("scope"), disabled: false },
                    { key: "username", value: pm.collectionVariables.get("username"), disabled: false },
                    { key: "password", value: pm.collectionVariables.get("password"), disabled: false },                    
                    { key: "client_secret", value: pm.collectionVariables.get("clientSecret"), disabled: false },
                    { key: "grant_type", value: "password", disabled: false },
                ]
            }
        }, function (err, res) {
            if (err) {
                console.log(err);
            } else {
                pm.test("Status code is 200", () => {
                    pm.expect(res).to.have.status(200);
                });
                let resJson = res.json();
                pm.collectionVariables.set("bearerTokenExpiresOn", resJson.expires_in);
                pm.collectionVariables.set("bearerToken", resJson.id_token);
            }
        });
    }
});