Postmantesting~15 mins

Using extracted data in next request in Postman - Build an Automation Script

Choose your learning style9 modes available

Learn Why Deep Trace Try Challenge Automate Recall Frame

Extract token from login response and use it in next API request

Preconditions (3)

Step 1: Send a POST request to https://api.example.com/login with JSON body {"username": "testuser", "password": "testpass"}

Step 2: Verify the response status code is 200

Step 3: Extract the 'token' value from the JSON response body

Step 4: Send a GET request to https://api.example.com/profile

Step 5: Add an Authorization header with the value 'Bearer <extracted_token>'

Step 6: Verify the response status code is 200

Step 7: Verify the response body contains the username 'testuser'

✅ Expected Result: The login request returns a token, which is used in the Authorization header of the profile request. The profile request succeeds and returns user details including username 'testuser'.

Automation Requirements - Postman (using Tests and Pre-request Scripts)

Assertions Needed:

Token is extracted and stored in environment variable

Profile response status code is 200

Profile response body contains username 'testuser'

Best Practices:

Use pm.response.json() to parse JSON response

Store extracted token in environment variable for reuse

Use environment variable in Authorization header with Bearer scheme

Add assertions to verify status codes and response content

Keep requests independent except for data sharing via environment variables

Automated Solution

Postman

// Login request Tests tab
pm.test('Login status code is 200', function () {
    pm.response.to.have.status(200);
});

const jsonData = pm.response.json();
pm.environment.set('authToken', jsonData.token);

// Profile request Pre-request Script tab
const token = pm.environment.get('authToken');
pm.request.headers.add({key: 'Authorization', value: `Bearer ${token}`});

// Profile request Tests tab
pm.test('Profile status code is 200', function () {
    pm.response.to.have.status(200);
});

pm.test('Profile response contains username testuser', function () {
    const profileData = pm.response.json();
    pm.expect(profileData.username).to.eql('testuser');
});

In the login request's Tests tab, we check the status code is 200 to confirm success. Then we parse the JSON response to get the token and save it in an environment variable called 'authToken'.

In the profile request's Pre-request Script tab, we retrieve the saved token and add it as a Bearer token in the Authorization header. This ensures the profile request is authenticated.

In the profile request's Tests tab, we verify the status code is 200 and check that the response JSON contains the expected username 'testuser'.

This approach uses environment variables to share data between requests, which is a best practice in Postman automation.

Common Mistakes - 4 Pitfalls

Not storing the extracted token in an environment variable

Hardcoding the token value in the Authorization header

Not adding the Authorization header in the next request

Parsing response as text instead of JSON

Bonus Challenge

Now add data-driven testing with 3 different user credentials for login and verify profile for each

Show Hint