0
0
Postmantesting~15 mins

x-www-form-urlencoded body in Postman - Build an Automation Script

Choose your learning style9 modes available
LearnWhyDeepTraceTryChallengeAutomateRecallFrame
Verify API accepts x-www-form-urlencoded body and returns success
Preconditions (2)
Step 1: Open Postman and create a new POST request
Step 2: Set the request URL to 'https://api.example.com/login'
Step 3: Select the 'Body' tab
Step 4: Choose 'x-www-form-urlencoded' as the body type
Step 5: Add key 'username' with value 'testuser'
Step 6: Add key 'password' with value 'Test@1234'
Step 7: Click 'Send' to submit the request
✅ Expected Result: Response status code is 200 and response body contains JSON with key 'message' and value 'Login successful'
Automation Requirements - Postman/Newman
Assertions Needed:
Verify response status code is 200
Verify response body contains JSON key 'message' with value 'Login successful'
Best Practices:
Use Postman tests tab to write assertions
Use environment variables for endpoint URLs
Avoid hardcoding sensitive data in scripts
Validate both status code and response body content
Automated Solution
Postman
pm.test('Status code is 200', function () {
    pm.response.to.have.status(200);
});

pm.test('Response has success message', function () {
    const jsonData = pm.response.json();
    pm.expect(jsonData).to.have.property('message', 'Login successful');
});

The first test checks that the HTTP status code returned by the API is 200, which means the request was successful.

The second test parses the response body as JSON and verifies that it contains a key named 'message' with the exact value 'Login successful'.

These tests ensure the API correctly processes the x-www-form-urlencoded body and returns the expected success response.

Common Mistakes - 3 Pitfalls
{'mistake': 'Not setting the body type to x-www-form-urlencoded', 'why_bad': 'The API expects data in this format; sending JSON or raw text will cause the request to fail or be rejected.', 'correct_approach': "Always select 'x-www-form-urlencoded' in Postman body tab when required by the API."}
Hardcoding sensitive data like passwords directly in the test scripts
Only checking status code without verifying response content
Bonus Challenge

Now add data-driven testing with 3 different username and password combinations

Show Hint