How to use a synced cookie as a request parameter variable in Postman API Testing

How to use a synced cookie as a request parameter variable in Postman API Testing

04 Nov
2022
 Johan van de Merwe
Posted in Tools
This article might be interesting when you use Postman for API testing. I'll explain you how you can use a synced cookie from a site or web application and use it as a parameter value in a POST request using a pre-request script

Let us start from the beginning

Let's start with a kind of let down (maybe)

Big Alert
The following will only work on non-secure cookies. This is an Postman issue in the current version (november 2022). Hopefully this will be corrected in the upcoming version.
  1. The request
  2. The Cookies tab
  3. The column that shows if the cookie in the row is secure or not. This has to be false (non-secure)
  4. The main cookie used as a sample in the following description.

postman-non-secure-cookies.png Click on the image for a bigger picture

Preparing cookie management in Postman

Starting from here I assume that the requirements mentioned in the former paragraph are settled and that all the cookies which have to become values in the requests are non-secure.

!! During the process the Google Chrome extension Postman interceptor is required. So I assume that you are using the Google Chrome web browser when reading the remainder of the article.

Let's get started

We start by clicking on the Cookies button just below the Send button.

postman-cookies-button.png Click on the image for a bigger picture

Now the window titled Cookies pops up containing 2 tabs:

  1. Manage cookies
  2. Sync Cookies

By default it will open up displaying the Sync Cookies tab because there is no cookie intercepter installed in Google Chrome. When you just follow the link labeled interceptor extension, it will open the extension page in Google Chrome from which you install the Postman interceptor plugin with a single click.

postman-no-interceptor-dialog.png Click on the image for a bigger picture

After that is done Postman will immediately notice that the extension is installed by showing a green CONNECTED and a small lock symbol. Now you can add domains of which you want to intercept changes to the cookies.

!!! When you enter a domain name without www or a subdomain prefix, it will intercept all cookies of sites with the entered domain, that is including any subdomains.

  1. Goto the Sync Cookies tab (if not already active)
  2. Enter the domain name
  3. Click on Add Domain (repeat step 2 and 3 for any other domains)
  4. Conclude by clicking Start Syncing

postman-cookies-dialog.png

After the sync is initiated and started we can see the effect of what we just have done.

  1. Click on the Manage Cookies tab.
  2. Click on the cookie you want to investigate. You can make changes here, but that doesn't make any sense if you have an auto sync in place.

postman-synced-cookies-dialog.png Click on the image for a bigger picture

In the webbrowser you can open the developer tools by pressing F12.

  1. Click on Application tab/menu, positioned after Memory and before Security.
  2. Find your domain in the Cookies section on the left side.
  3. The cookie that we want to check, this should be the same as the value in Postman, as seen in the former step.

postman-chrome-dev-tools.png Click on the image for a bigger picture

To use the values in our scripts you have to add the domain(s) to a so called Allowlist. On the Cookies window there is a button labeled Domains Allowlist. Simply click on this.

postman-domains-allowlist.png Click on the image for a bigger picture

Now you have to enter the domains of which you would like the cookie values in your scripts. You can add a many as you require.

postman-whitelist-domains.png Click on the image for a bigger picture

Pre-request Script for intercepting the cookie variable(s)

Now it is time to create a little script that will run on any request in our collection. When you do this on the highest level, it will run a Pre-request Script on every request lower in the hierarchy. In the sample image the script will be executed previous to all requests within subfolders below the collection where it has been defined.

!! If you have a collection on the same level, you have to copy the code to this collection as well. There is no such thing as a global Pre-request Script.

  1. Goto the Collections on the left side.
  2. Select the collection or folder or even a single request where you want to apply the code.
  3. Select the Pre-request Script tab and enter the code.

What is done here, is that the cookie values are taken from the cookie jar and when found placed on the collection variables for easy access. When nothing is found, nothing is done. There is no intensive error handling, simply because you are the developer and hopefully know what to expect.

postman-pre-request-script.png Click on the image for a bigger picture

Sample Code

const jar = pm.cookies.jar();

jar.get('www.zap-suite.local', 'gateway_token', (err, cookie) => {
    if (err === null) {
        pm.collectionVariables.set('gateway_token', cookie); 
    }
});

A sample request

Now it is time to use what we have prepared in the earlier steps.

We are creating a sample request.

  1. The request
  2. It is a POST request
  3. In the form-data tab we enter the parameters to be sent to the server
  4. Special attention for the token variable which has the value {{gateway_token}} (5), as initiated by the Pre-request Script

When the request is executed the gateway_token will be sent with the proper current value from the synchronized cookies by the Postman interceptor.

postman-sample-request.png Click on the image for a bigger picture

When you hover over {{gateway_token}} you will see that Postman recognizes the variable as a collectionVariable.

postman-value-recognized.png

Links

Johan van de Merwe

Johan van de Merwe

More from same category

analog-analogue-audio-2718645.jpg

How to dump MySQL databases with PHPBU and transfer them with secured ftp

Tools 18 Oct 2019
PHPBU is not a very sexy name for a great utility that helps you to manage your backups, compress them, organize them or even transfers them. And all...
gitlab-logo.png

How to install Bitnami Gitlab on a VMWare ESX Server and make SMTP mail work

Software Tools 08 Apr 2015
A walkthrough on installing Bitnami Gitlab on a VMWare ESX server and make your smtp email work.
pexels-photo-207662.jpeg

Batch recursive conversion to PDF using Linux, LibreOffice and Unoconv

Tools 01 Apr 2019
This article shows how you can batch convert large amounts of documents to PDF with LibreOffice, Unoconv and a bit of Python script (included).
wood-cube-abc-cube-letters-48898.jpeg

Freeware font viewer tools for Windows and Linux

Software Tools 14 Apr 2019
Babelmap is a Windows freeware tool to show font information and a detailed character map. But also for Linux you will find useful tools for that purp...
500-nations-smaller.jpg

Microsoft Windows 98 nostalgia in a VMWare Player

Software Tools 30 Jul 2015
To be able to play 500 Nations from Microsoft I needed Windows 98. I decided to use VMWare Player for this.
art-materials-art-supplies-blocks-blur-1148496.jpg

Going wild with Codeanywhere online IDE containers and virtual servers

Online Tools 11 Dec 2019
Codeanywhere is an online IDE and developer tool set that even comes with easy to implement containers with virtual servers including PHP, MySQL and C...
zip-1802627_1280.png

Fast way for unzipping large libraries and frameworks on your ftp server

Tools 07 Oct 2013
Moving an unpacked large library or frameworks to a remote ftp server can take a long time. You can do this much faster with this small utility.
flowchart.jpg

Drawing flowchart diagrams online, free and paid

Tools 01 Jul 2013
Sometimes you like to draw flowcharts or some other diagrams to support your documentation. Nowadays there are many online services where you can even...