Building a request

I am trying to build a request for customer information using the REST API provided by Preferred Patron loyalty system. The authentication is BASIC. They provide instructions on formatting the key but I don’t see where to enter that in POSTMAN. POSTMAN is asking for a user ID and password, which is not the format that Preferred Patron uses.

Hey @t3chlady, welcome to the community!

Our authorization helpers are extremely useful for authorization flows that follow the specification – in this case, Basic Auth.

If the third party API you are consuming requires some different encoding, that’ll need to be handled outside of the helper as it isn’t (currently) customizable to account for custom authorization implementations.

You’ll need to verify this with the third-party API, but Basic Auth is usually a username and password combination that’s base64 encoded. This can be done any number of ways but if you want to handle that programmatically in Postman, here are some steps.

  • Identify whether the API requires authorization to be passed in the header or parameter (or anywhere else in the request)
  • Set up the request in Postman
  • Create an environment template with the information you need – i.e. username and password
  • In the pre-request script of your request, you can insert some Javascript to handle the base64 encoding of the credentials saved to the environment template
  • Pass the encoded credentials in the request as needed by the API (header/parameter)

Here’s a snippet of the pre-request script (not plug-and-play):

// Initializing local variables from the environment variables for encoding
let email = pm.environment.get("username"),
    password =  pm.environment.get("password");

// Using the btoa (Binary to ASCII) function to base64 encode the credentials
let encodedAuth = btoa( email + ":" + password);

// Logging the encoded credentials in the Postman console for inspection
console.log(`Encoded`, encodedAuth);

// Creating (or updating) an environment variable with the encoded information that can be passed as a header,parameter
pm.environment.set("encodedAuth", "Basic " + encodedAuth);

I’ve put together a template highlighting all of the information above and you can pull it directly into your instance of Postman for further use.

Heres some other good/related reading material in our docs:

1 Like

The technical department from Preferred Patron showed me how to enter the configured key through the Postman user interface and we were able to successfully execute a request for a client. Thank you for the additional information but I am not familiar with the language that you are using. I see that you have objects and methods but I am not certain how I would use the particular ones you published. All of our code is C# and Preferred Patron has provided the specific User ID and password, along with a Client Key to make requests. I’m not using environment variables. If there is a benefit to use environment variables I would be interested in learning about that.

The information above is Postman-specific – a request can have arbitrary logic added in the Pre-Request and Tests section of the request and the language that’s supported is Javascript.

Postman is operating at the HTTP layer, so specific languages are abstracted away for the request itself.

I wasn’t able to find any public-facing documentation for the preferred patron API so I can’t talk specifics, but authorization information (tokens, encoded credentials, etc) are usually sent in a request as either a Header or a Parameter. Again, this isn’t always the case but Postman provides you with an easy way to enter that information in the app.

Configuring Request Parameters

Configuring Request Headers

If there’s some public-facing documentation, please do let me know

1 Like

Thank you Chris I worked with the tech at preferred patron and showed him your notes and we figured it out— thank you :blush:

That’s awesome!

Feel free to add any notes to the thread that we didn’t cover in the event that someone out there runs into the same issue and isn’t able to suss out a solution :).