I need to assert the response I sent via pm.sendRequest()

I have created a POST request to generate a token for myself. Next, I wrote the code for assertion using pm.test(), and it’s working. Following that, I sent another request via pm.sendRequest(). As a result of this request, I am receiving a response but not able to assert it.

I should be able to assert a response if I am receiving one.

Any and all help is appreciated!

Hi @navigation-speciali9

Can you show us what you have tried?
Screenshot maybe?

Hi @w4dd325, Due to some security concerns, I won’t be able to send screenshots. Below is the information I would like to share with you.

  • In order to create a token, I have created a POST request using the URL: https://exampletokensome.com/token.
  • There is one header with a cookie key and value
  • There are five fields in the body: grant_type, client_id, client_secret, refresh_token, and redirect_uri
  • Here is the code for the tests:
    pm.test(“Generate Token”, function () {
    var access_token = “abcd”;
    var options1 = {
    ‘method’: ‘GET’,
    ‘url’: ‘example.com’,
    ‘header’: {
    ‘Authorization’: access_token,
    ‘Cookie’: ‘abcd’
    pm.sendRequest(options1, function (error, response) {
    pm.test(“T001”, function () {
    //pm.sendRequest(options1, function (error, response) {
    // var res = response.json();
    // console.log(res);
    // });

Try to make the token as pre script and assertion as normal test.

  1. Use prescript and sent request.get the response and do whatever you need

  2. 2nd request you can make them as normal test and assert them

There are various ways to do this, but normally you would retrieve the token via the built-in authorisation options which includes OAuth2.

You can also use a pre-request script.

You could also retrieve the token via a normal request and then use the tests tab to set an environment or collection variable to use in the next request.

The point is that you aren’t usually testing the token aspect. You are testing the next request. Therefore, I would have this part as a normal request in Postman and the authentication should either be a pre-request, use the built- in authorisation or be a completely separate step.

I think the problem with your code is that when you use sendRequest, it’s not using the pm.response function, but a raw response.

Instead of this.


Use this.


On a side note, this is an example of using a pre-request script to retrieve a token.

pm.test("Check for collectionVariables", function () {
    let vars = ['clientId', 'clientSecret', 'tenantId', 'username', 'password', 'scope'];
    vars.forEach(function (item, index, array) {
        console.log(item, index);
        pm.expect(pm.collectionVariables.get(item), item + " variable not set").to.not.be.undefined;
        pm.expect(pm.collectionVariables.get(item), item + " variable not set").to.not.be.empty; 

    if (!pm.collectionVariables.get("bearerToken") || Date.now() > new Date(pm.collectionVariables.get("bearerTokenExpiresOn") * 1000)) {
            url: 'https://login.microsoftonline.com/' + pm.collectionVariables.get("tenantId") + '/oauth2/v2.0/token',
            method: 'POST',
            header: 'Content-Type: application/x-www-form-urlencoded',
            body: {
                mode: 'urlencoded',
                urlencoded: [
                    { key: "client_id", value: pm.collectionVariables.get("clientId"), disabled: false },
                    { key: "scope", value: pm.collectionVariables.get("scope"), disabled: false },
                    { key: "username", value: pm.collectionVariables.get("username"), disabled: false },
                    { key: "password", value: pm.collectionVariables.get("password"), disabled: false },                    
                    { key: "client_secret", value: pm.collectionVariables.get("clientSecret"), disabled: false },
                    { key: "grant_type", value: "password", disabled: false },
        }, function (err, res) {
            if (err) {
            } else {
                pm.test("Status code is 200", () => {
                let resJson = res.json();
                pm.collectionVariables.set("bearerTokenExpiresOn", resJson.expires_in);
                pm.collectionVariables.set("bearerToken", resJson.id_token);

On another side note. Those secrets really ought to be environment variables.

I say environment as you can then set the variables as secret so they are only available locally to you.

They don’t get uploaded to the Postman cloud and won’t be included if you export the collection to load into a code repository to use in a continuous integration tool.

You then need to send those variables as part of the pipeline or command line.