Get the x-csrf-token Value


i use the following javascript code to fetch the x-csrf-token from a server.
In postman the value is showed in the header response.

How can i access the response header using javascript. How can i get the x-csrf-token value and save it in a variable to be reused?

function test2(){

var myHeaders = new Headers();
myHeaders.append("x-csrf-token", "FETCH");
myHeaders.append("Authorization", "Basic FrtZTRIUZUIJIBHxOTpJTklUMTI=");

var requestOptions = {
  method: 'GET',
  headers: myHeaders,
  redirect: 'follow'

fetch("", requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));



The easier path here might be to move this call into its own request instead of using fetch. If you move it, you’d be able to use pm.response.headers.get('x-csrf-token'); in the tests section and save that to a variable.

1 Like

thank you for your response.

The problem i cant use the test section because i want to run this GET in a separated Application.

When i use pm.response.headers.get(‘x-csrf-token’); in the andoird application i get pm is ot defined as response.

Is the use of pm outside Postman possible?

Thank you

Hey there,
pm.* , provides access to request and response data, and variables. The pm API is basically to use within Postman context.

For an Android application, based on the language and the library(HTTP client) you use to make the request, you might want to get the response headers. For example, this issue on StackOverflow discusses how to get the response header for response returned using HttpUrlConnection as the client.