Hi this would have been asked but have been googling for over an hour haven’t found the solution yet!
The Problem we have a bunch of API requests to run which we want to automate in jenkins so we are using Jenkins to run them via newman. All the requests require an access token which expires after an hour
Now we already have this working by writing a pre-request script for the collection which gets an access token (Microsoft azure 2.0) and then sets it as a collection variable. Great!
But I see this means every time it runs a request inside the collection it runs this pre-request script every time so every new request gets a new token
We would like to be able to run the whole collection using the same token and the only way I thought we can do that is by running a separate collection that does a get token and stores it back to the environment variable.
However, while this works when running in Postman, when its running using Jenkins, it is not setting the environment variable for the token, and also its reading the token back from the environment variable as null
I worked out why this is. When you run in postman and do a pm.environment.set(“key”, “value”) it stores it as the “current value” for the variable
But when newman runs it only reads from the “initial value”
Also it seems when the pm.environment.set(“key”, “value”) runs from newman it doesnt set it anyway and I read this is because of security risk because you dont want to send this stuff back through the postman servers
I noticed even though when the request runs from newman and runs the pre-request script and sets the token back to the collection variables: pm.collectionVariables.set(“key”, “value”) it is not actually saving that back to the collection when viewing it in postman anyway so Im guessing thats also because of the security risk and while it sets it back to the collection, its only set locally for the collection run but doesnt it set it permanently so hence its not setting it back through postman servers
so I accepted the fact that we probably cant have a solution where its going to generate a token once only and re-use it for the whole collection? However I noted that when I run a collection locally and it runs the pre-request script it actually does save the access token back to the collection variables! So isn’t that a security risk because that means it’s sending the access token back through postman servers so it can be saved? Because when I refresh the postman the access token is there saved to the collection!
Whatsmore you cannot make a colelction variable to be secret like you can do with the environment variables
Sorry for the long post but I would just like to know whats the best solution when you need an access token generated so that following requests can still use it?
Seems so far the best solution is as Im doing running a pre-request script to generate it and store it to the collection variable but is there any way when you run this inside postman it can run the same as newman does and only sets it locally and doesnt actually save it back to the postman variables and therefore isnt sending it back through the web?
alternatively, the only way I could get it working setting the token at the environment level is to get newman working so when its setting an environment variable it works and saves it back to the initial value but I dont think thats an option as it wont let you do that?