I’ve created a non-expiring service auth in Cloudflare. Currently I am adding the credentials to my header using this pre-request script technique which works, but I’m wondering if I’m doing it right?
Is there a way to do this under the authorization tab?
The two headers look like this:
CF-Access-Client-Id: e97f0EXAMPLEc00.access
CF-Access-Client-Secret: f36EXAMPLE20b
The API Key type will allow you to add a single header, but not two.
The value can point to a variable using {{variableName}}.
None of the other options will allow you to just add a header as far as I’m aware.
All the authorization helpers generally do is add the authorization token to the header or body based on the standard for that option. If you already have a non expiring token, I don’t see the need to use the authorization helpers at all. They are used to help generate or refresh tokens.
You could just use the headers tab, and just add the two entries. This will also allow you to store the credentials securely in the current value of an environment variable.
Hi @aviation-participan6. Welcome to the Postman Community!
Currently, one way to do this is in your pre-request scripts as Danny suggested. Since the headers here are confidential, you can store them in a collection or environment variable and use them in your script as such:
const client_id= pm.environment.get("client_id");
const client_secret = pm.environment.get("client_secret");
pm.request.headers.add({key: "CF-Access-Client-Id", value: client_id });
pm.request.headers.add({key: "CF-Access-Client-Secret", value: client_secret });
Thank you, it sounds like I’m doing it right then @gbadebo-bello
@michaelderekjones the reason I wanted to use the Authorization section is because I can’t set the Headers at the collection level, but you can set the Authorization.
Ok that makes sense, so it looks like the pre-request script is the best option.
As Gbadebo has recommended, its best to store these as environment variables.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.