Prepend all api calls with commands

We have an internal API that requires all queries to be run in a tunnel. Specifically, cloudflare tunnel. This is for token based authentication to the api as well. The structure of the api calls are :

cloudflared access curl โ€œhttps://api/endpointโ€ -[options] โ€˜{[payload]}โ€™

I looked at pre-request scripts but those do not seem to be what I need. Is there any way to do this in postman? Or if pre-request scripts are the answer, can someone post an example on how to use these?


Option 1.
Get your request working in cURL and then import into Postman as a normal request in the GUI. You will then parse the response to get the token which you can save as an environment variable to use in subsequent requests.

Option 2.
You will have a lot more control using a pre-request script with sendRequest, which can deal with details like token expiry.

The following is an example of authenticating to Microsoft that you should be able to adopt.

let currentDateTime =;
let tokenExpiry = pm.environment.get("bearerTokenExpiresOn")
// console.log("currentDateTime: " + currentDateTime);
// console.log("tokenExpiry: " + tokenExpiry);
if (!pm.environment.get("bearerToken") || currentDateTime > tokenExpiry) {
    pm.test("Pre-request check for Environment Variables", function () {
        let vars = ['clientId', 'clientSecret', 'tenantId', 'username', 'password', 'scope'];
        vars.forEach(function (item) {
            // console.log(item);
            pm.expect(pm.environment.get(item), item + " variable not set");
            pm.expect(pm.environment.get(item), item + " variable not set");
            url: '' + pm.environment.get("tenantId") + '/oauth2/v2.0/token',
            method: 'POST',
            header: 'Content-Type: application/x-www-form-urlencoded',
            body: {
                mode: 'urlencoded',
                urlencoded: [
                    { key: "client_id", value: pm.environment.get("clientId"), disabled: false },
                    { key: "scope", value: pm.environment.get("scope"), disabled: false },
                    { key: "username", value: pm.environment.get("username"), disabled: false },
                    { key: "password", value: pm.environment.get("password"), disabled: false },
                    { key: "client_secret", value: pm.environment.get("clientSecret"), disabled: false },
                    { key: "grant_type", value: "password", disabled: false },
        }, function (err, res) {
            if (err) {
            } else {
                pm.test("Pre-request Microsoft login Status code is 200", () => {
                    let resJson = res.json();
                    // console.log(resJson);
                    pm.environment.set("bearerToken", resJson.id_token);
                    pm.environment.set("bearerTokenExpiresOn", + resJson.expires_in * 1000);
                    // console.log("bearerTokenExpiresOn: " + pm.environment.get("bearerTokenExpiresOn"));

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.