From the course: Introducing Postman
Authorization with variables - Postman Tutorial
From the course: Introducing Postman
Authorization with variables
- [Instructor] Just us trying to keep track of a single object ID across multiple requests is tedious and error prone. Managing authorization tokens across requests can be troublesome as well. Fortunately, we've already simplified sharing the token across requests by setting up authorization at the collection level. Unfortunately, keeping tokens in the collection definition can lead to unintentionally sharing sensitive information. Authorization tokens do generally expire, but we still want an easy way to keep them current while also keeping them secure. Let's issue a new authorization request. Open the authorization request from the Postman Sample API collection and send it. As expected, the response contains a new token for us to attach to our requests. We could update the collection with this new value, but let's use our BEARER_TOKEN variable instead. Copy the new token to the clipboard. We'll use the environment quick look panel to update the variable's current value, so click that button. Locate the BEARER_TOKEN variable. Now click its current value pencil icon, and paste in the new token. Press enter to accept the value, and click away from the panel to close it. This is a great first step, but we haven't yet updated the collection to reference the BEARER_TOKEN variable. Open the collection editor, by selecting edit from the Collections ellipsis menu. Switch over to the Authorization tab, and you'll see that the old token is still in the token text box. Rather than pasting in the new token, we'll instead tell Postman to use the BEARER_TOKEN variable. We do so by replacing the value, and typing in BEARER_TOKEN. Notice how Postman displayed the same variable list as we saw before. This is a nice feature that helps us remember what's defined regardless of context. Now update the collection, and all future requests will use the BEARER_TOKEN variable instead of that hard coded value that was there before. Whenever we need a new token, we merely need to update the variable and will likely never need to change the collection definition again, at least not for authentication anyway.
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.