Newman Authentication Best Practices


I was hoping to get some guidance on best practices for authentication for requests in newman. I have a request configured that makes a request to our server, and gets token for use in subsequent requests. The token is stowed in an environment variable.

In subsequent requests, the token is used in the Authorization header for authentication purposes. This has worked fine for us when using Postman. We’d like to start using newman is a Gitlab pipeline, and that’s where I’m confused and would like guidance on best practices.

We have a collection of the tests we’d like to run, and it has folders for the category of tests. For example, a “Users” folder for user API requests, “Search” for search functionality and so forth. The login test (which gets the token) is in a folder called “Login”. My initial thought had been to create newman commands like so:

newman run collections/api.postman_collection.json -e environments/env.postman_environment.json --insecure --folder Login --folder Users

My thinking had been, perform the Login test, then the Users test. The problem is that since the order is not guaranteed, it runs out of order, and the Users tests (requiring authentication) will fail. It’s my hunch we haven’t set this up the best way, and I am hoping to get some clarification on designing the collection appropriately. Thoughts?