Hi,
I’m using an API which needs an API_KEY and API_SECRET to be sent in the headers for each request.
I want to set this once for the entire collection of requests.
In the collection auth, it’s possible to enter an API_KEY but not a secret.
Any suggestions on how to do this?
Thanks
you can add custom headers 
pm.request.addHeader("API_KEY","value")
pm.request.addHeader("API_SECRET","value")
Add this to pre-requisite script in the collection level
What kind of Auth is your API using?
If the API is using basic authentication, you must combine the api key and secret in this format:
api_key:api_secret
and then base64 encode it. You would then pass in the encoded string as your authentication. This site does a pretty good job at making it simple for you to get it in the right format.
If your API auth uses OAuth2.0, the steps are a bit more involved, we can go into that if you think it’s necessary.
That’s a basic authentication , postman natively supports it
You will get in the authentication drop down
Thanks guys. This site doesn’t use basic auth, they just need their specific key and secret values in the headers.
It would be nice if the product supported common headers in a tab, like variables, but I guess some pr-request javascript will do. 
I just came across a problem with this solution. The only works when running the whole collection in the collection runner. When running a single request the collection pre-request scripts don’t run.
With auth, this does work since there is inheritance.
Thats not correct , it should work for single request also . What postman version you are using
Sorry, my mistake. It does work by setting the headers in the collection - even when running a single request BUT for me it only works using the following format:
pm.request.headers.add( { key: “API_KEY”, value: pm.environment.get(“API_KEY”) } );
pm.request.headers.add( { key: “API_SECRET”, value: pm.environment.get(“API_SECRET”) } );
I’m using postman in the browser: v7.26.10