Navigation

	Home Page
	Index
	All Pages

Quick Search

Advanced Search »

Contributor Links

	Create a new Page
	Administration
	File Management
	Login/Logout
	Your Profile

Other Wiki Sections

Software

Discuss (0) History

Capturing a Login Bearer Token for Subsequent Calls - Postman

RSS

Modified on Wed, Mar 12, 2025, 3:24 PM by Administrator Categorized as Visual Studio and Developer Tools

Overview¶

When working with Postman against APIs secured by a bearer token architecture, it is necessary to login first and submit the associated bearer token with the API call. This article presents a simple mechanism for doing so.

Acknowledgements¶

Thanks to Dan Williams for providing the code below!

Procedure¶

ALL THIS WORK SHOULD BE DONE WITHIN A POSTMAN ENVIRONMENT

(1) Create an environment variable called "token".

(2) Create a request for your Login API.

(3) On the Scripts tab, for the Post-response entry, add the following code, which will capture the bearer token in the Postman variable "token". Note that this assumes the response payload from the Login API has a field called "token". If that payload has the token in a field with a different name, replace "jsonData.token" below with "jsonData.MyOtherTokenField" (where "MyOtherTokenField" is the name of the field that actually holds the token).

pm.test("Extract Token", function () {
    var jsonData = pm.response.json();
    pm.expect(jsonData.token).to.not.equal(null);
    pm.environment.set("token", jsonData.token);
});

(4) For the secured API request, navigate to the Authorization tab.

(5) For the type, select "Bearer Token".

(6) For the Token, specify

{{token}}