0
0
Postmantesting~8 mins

Inheriting auth from collection in Postman - Framework Patterns

Choose your learning style9 modes available
LearnWhyDeepTraceTryChallengeAutomateRecallFrame
Framework Mode - Inheriting auth from collection
Folder Structure
Postman Collection Project/
├── collections/
│   ├── MyCollection.postman_collection.json  (Main collection with auth)
│   └── SubCollection.postman_collection.json (Sub-collection inheriting auth)
├── environments/
│   ├── dev.postman_environment.json
│   └── prod.postman_environment.json
├── scripts/
│   └── pre-request-scripts.js
├── tests/
│   └── test-scripts.js
└── README.md
Test Framework Layers
  • Collection Layer: Holds the main Postman collection JSON files. The main collection defines the authentication method (e.g., Bearer Token, OAuth2).
  • Sub-Collection Layer: Contains sub-collections or folders that inherit authentication settings from the main collection to avoid repetition.
  • Environment Layer: Stores environment variables like base URLs, tokens, and credentials for different environments (dev, prod).
  • Scripts Layer: Contains pre-request and test scripts to run before or after requests for setup, validation, or token refresh.
  • Tests Layer: Contains test scripts that assert response correctness and status codes.
Configuration Patterns
  • Authentication Inheritance: Define authentication at the collection level in Postman. Sub-collections or folders inherit this auth automatically unless overridden.
  • Environment Variables: Use environment variables for sensitive data like tokens and URLs. This allows switching environments without changing collections.
  • Token Management: Use pre-request scripts to refresh tokens automatically and update environment variables.
  • Collection Variables: Use collection variables for values shared across requests but specific to the collection.
Test Reporting and CI/CD Integration
  • Use Newman (Postman CLI) to run collections in CI/CD pipelines.
  • Generate reports in formats like HTML, JSON, or JUnit XML using Newman reporters.
  • Integrate with CI tools (GitHub Actions, Jenkins, GitLab CI) to run tests on code changes.
  • Fail builds if authentication or API tests fail, ensuring early detection of issues.
Best Practices
  • Define Auth Once: Set authentication at the collection level to avoid duplication and reduce errors.
  • Use Environment Variables: Keep sensitive data out of collections and manage them securely per environment.
  • Use Pre-request Scripts: Automate token refresh and setup to keep tests reliable and independent.
  • Keep Collections Modular: Use folders or sub-collections to organize tests logically while inheriting auth.
  • Document Auth Setup: Clearly document how auth inheritance works in your README for team clarity.
Self Check

Where in this folder structure would you add a new sub-collection that inherits authentication from the main collection?

Key Result
Define authentication at the collection level in Postman so sub-collections inherit it automatically, ensuring DRY and secure test design.