Bird
Raised Fist0
Postmantesting~5 mins

Header assertions in Postman - Cheat Sheet & Quick Revision

Choose your learning style10 modes available
LearnWhyDeepTraceTryChallengeAutomateRecallFrame

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Recall & Review
beginner
What is a header assertion in API testing?
A header assertion checks if the response headers from an API contain expected values, like content type or authorization status.
Click to reveal answer
beginner
How do you assert a response header in Postman?
Use the test script with pm.response.headers.get('Header-Name') and compare it to the expected value using assertions.
Click to reveal answer
beginner
Why is it important to check the 'Content-Type' header in API responses?
Because it tells the client how to interpret the response data, like JSON or HTML, ensuring correct processing.
Click to reveal answer
intermediate
Example of a Postman test script to check if 'Content-Type' is 'application/json'.
pm.test('Content-Type is application/json', () => { pm.response.to.have.header('Content-Type'); pm.expect(pm.response.headers.get('Content-Type')).to.include('application/json'); });
Click to reveal answer
beginner
What happens if a header assertion fails in Postman?
The test will fail and show an error in the test results, indicating the header did not match the expected value.
Click to reveal answer
Which Postman method retrieves a response header value?
Apm.response.header('Header-Name')
Bpm.request.headers.get('Header-Name')
Cpm.response.body.get('Header-Name')
Dpm.response.headers.get('Header-Name')
What does the 'Content-Type' header specify in an API response?
AThe size of the response body
BThe format of the response data
CThe server's IP address
DThe HTTP status code
If a header assertion fails in Postman, what is the result?
AThe test fails and shows an error
BThe response body is ignored
CThe request is retried automatically
DThe test passes silently
Which of these is a valid assertion to check a header exists in Postman?
Apm.response.header.exists('Authorization')
Bpm.response.has.header('Authorization')
Cpm.response.to.have.header('Authorization')
Dpm.response.check.header('Authorization')
Why should you test headers in API responses?
ATo verify response data format and security info
BTo check the server's uptime
CTo measure response time
DTo validate the request payload
Explain how to write a Postman test to assert that the 'Content-Type' header is 'application/json'.
Think about checking header presence first, then comparing its value.
You got /4 concepts.
    Why are header assertions important in API testing? Give two reasons.
    Consider what headers tell the client about the response.
    You got /3 concepts.

      Practice

      (1/5)
      1. What does the Postman assertion pm.response.to.have.header('Content-Type') check for?
      easy
      A. It checks if the response body contains the text 'Content-Type'.
      B. It checks if the response includes a header named 'Content-Type'.
      C. It verifies the status code of the response is 200.
      D. It checks if the request has a header named 'Content-Type'.

      Solution

      1. Step 1: Understand the assertion method

        The method pm.response.to.have.header() is used to check response headers.

      2. Step 2: Identify what is being checked

        The argument 'Content-Type' specifies the header name to look for in the response.

      3. Final Answer:

        It checks if the response includes a header named 'Content-Type'. -> Option B

      4. Quick Check:

        Header presence check = It checks if the response includes a header named 'Content-Type'. [OK]
      Hint: Look for 'response.to.have.header' to check response headers [OK]
      Common Mistakes:
      • Confusing response headers with response body content
      • Checking request headers instead of response headers
      • Assuming it checks status codes
      2. Which of the following is the correct syntax to assert that the response header 'Cache-Control' has the value 'no-cache' in Postman?
      easy
      A. pm.expect(pm.response.headers.get('Cache-Control')).to.eql('no-cache');
      B. pm.response.to.have.header('Cache-Control', 'no-cache');
      C. pm.expect(response.headers['Cache-Control']).to.equal('no-cache');
      D. pm.response.headers('Cache-Control').equals('no-cache');

      Solution

      1. Step 1: Recall correct Postman syntax for header value assertion

        Use pm.expect(pm.response.headers.get('Header-Name')).to.eql('value') to check header value.

      2. Step 2: Check each option's syntax

        pm.expect(pm.response.headers.get('Cache-Control')).to.eql('no-cache'); uses correct method headers.get() and assertion to.eql(). Others have syntax errors or incorrect usage.

      3. Final Answer:

        pm.expect(pm.response.headers.get('Cache-Control')).to.eql('no-cache'); -> Option A

      4. Quick Check:

        Use headers.get() with pm.expect() [OK]
      Hint: Use headers.get('name') inside pm.expect() for header value checks [OK]
      Common Mistakes:
      • Using incorrect method like headers('name')
      • Trying to pass two arguments to to.have.header()
      • Using response.headers as an object without get()
      3. Given this Postman test snippet:
      pm.test('Check Server header', () => {
  pm.expect(pm.response.headers.get('Server')).to.equal('nginx');
});

      What will happen if the response header 'Server' is 'Apache'?
      medium
      A. The test will be skipped automatically.
      B. The test will pass because the header exists.
      C. The test will throw a syntax error.
      D. The test will fail because the header value is not 'nginx'.

      Solution

      1. Step 1: Understand the assertion

        The test expects the 'Server' header value to be exactly 'nginx'.

      2. Step 2: Compare actual header value

        The actual header value is 'Apache', which does not match 'nginx', so assertion fails.

      3. Final Answer:

        The test will fail because the header value is not 'nginx'. -> Option D

      4. Quick Check:

        Value mismatch causes failure [OK]
      Hint: Exact value mismatch causes test failure [OK]
      Common Mistakes:
      • Assuming header presence is enough to pass
      • Thinking syntax error occurs on value mismatch
      • Believing test skips on assertion failure
      4. You wrote this Postman test:
      pm.test('Check Content-Length', () => {
  pm.expect(pm.response.headers.get('Content-Length')).to.be('1234');
});

      Why does this test fail to run correctly?
      medium
      A. Because the value '1234' is a number and should not be in quotes.
      B. Because 'Content-Length' header does not exist in the response.
      C. Because to.be is not a valid assertion method; it should be to.equal or to.eql.
      D. Because pm.response.headers.get returns an array, not a string.

      Solution

      1. Step 1: Check assertion method correctness

        The method to.be is not a valid Chai assertion method for value equality in Postman.

      2. Step 2: Identify correct assertion method

        Use to.equal or to.eql to compare values correctly.

      3. Final Answer:

        Because to.be is not a valid assertion method; it should be to.equal or to.eql. -> Option C

      4. Quick Check:

        Use to.equal() for value assertions [OK]
      Hint: Use to.equal() or to.eql() for value checks, not to.be [OK]
      Common Mistakes:
      • Using to.be() instead of to.equal()
      • Assuming header value is numeric without quotes
      • Thinking headers.get() returns array
      5. You want to write a Postman test to verify that the response has a header named 'X-Rate-Limit' and its value is a number greater than 1000. Which code snippet correctly achieves this?
      hard
      A. pm.test('X-Rate-Limit check', () => { const val = Number(pm.response.headers.get('X-Rate-Limit')); pm.expect(val).to.be.above(1000); });
      B. pm.test('X-Rate-Limit check', () => { pm.expect(pm.response.headers.get('X-Rate-Limit')).to.be.greaterThan(1000); });
      C. pm.test('X-Rate-Limit check', () => { pm.expect(pm.response.headers.has('X-Rate-Limit')).to.equal(true); pm.expect(pm.response.headers.get('X-Rate-Limit') > 1000).to.be.true; });
      D. pm.test('X-Rate-Limit check', () => { pm.expect(parseInt(pm.response.headers.get('X-Rate-Limit'))).to.be.greaterThan(1000); });

      Solution

      1. Step 1: Extract and convert header value to number

        Use Number() to convert the header string value to a number for comparison.

      2. Step 2: Use correct assertion for numeric comparison

        Use pm.expect(val).to.be.above(1000) to check if the number is greater than 1000.

      3. Final Answer:

        pm.test('X-Rate-Limit check', () => { const val = Number(pm.response.headers.get('X-Rate-Limit')); pm.expect(val).to.be.above(1000); }); -> Option A

      4. Quick Check:

        Convert header to number, then assert with to.be.above() [OK]
      Hint: Convert header string to number before numeric assertions [OK]
      Common Mistakes:
      • Using to.be.greaterThan() which is not a valid Chai method
      • Not converting header value to number before comparison
      • Trying to compare header string directly to number