You can setup Postman automatically append HTTP headers that required for authentication. Postman allows executing custom code before making any request within collection.
Follow the steps for setup pre-request script:
- Create a new collection
- Give it a name and open
Variablestab
-
Add 3 new variables in
CURRENT VALUEcolumn (this will prevent synchronizing values to Postman cloud):HOST- the base URL of the APIAPI_KEY- the API keyAPI_SECRET- the API secret
-
Now click on
Pre-request Scriptstab and paste the code snippet below:
const uuid = require('uuid');
// gather parameters
const timestamp = new Date().toISOString();
const nonce = uuid.v4();
const key = pm.variables.get('API_KEY');
const secret = pm.variables.get('API_SECRET');
// generate signature
const payload = `date:${timestamp}\nx-mesh-nonce:${nonce}`;
const signature = CryptoJS.HmacSHA256(payload, secret);
const signatureEncoded = CryptoJS.enc.Base64.stringify(signature);
// append headers
const auth = `HMAC-SHA256 Credential=${key};SignedHeaders=Date,x-mesh-nonce;Signature=${signatureEncoded}`;
pm.request.headers.add({key: 'Authorization', value: auth });
pm.request.headers.add({key: 'Date', value: timestamp });
pm.request.headers.add({key: 'x-mesh-nonce', value: nonce });- Finally click on
Createbutton
Now every request that will be created in the collection will have headers that required for authentication with Mesh API.
To add a request you will normally:
-
Click on add request
-
Define request URL
-
Execute request, which should return `200`
