Day 27 Scenario testing, Getting 403 for some requests

I have set up API key as per the instructions,

Post request

After submitting my post request it set the initial value of the token

so because of that in other requests, API key shows null in the header.
and if I manually update the value it gives 403 forbidden.
Unable to understand why?

I found out why I was getting 403.
Somehow my token is not updating in the collection variable although its printing right value in the console.
What is the problem with my script?

You can see in one of your screenshots that the current value is not being set on the collection variable.

Not sure why that is happening, as the code is fairly straight forward. I can’t see anything obvious that is wrong.

The first troubleshooting step I would attempt is to console log the collection variables straight after they are set.


On a side note and it shouldn’t make any difference but you are already declaring the “user_id” and “token” from the response, so why aren’t you using those variables when setting the collection variable?

pm.collectionVariables.set("user_id", user_id);
pm.collectionVariables.set("token", token);

On a final note, the recommendation when using confidential data like tokens, is to only use the current value. Therefore, I would define the token variable and set the initial value to null or something similar. Postman always uses the current value unless the current value is not set and it will then copy the initial value. Therefore I would recommend putting something obviously incorrect in the initial value.