Postman and RTR setup

Owned by Thomas Trutt
Last updated: Nov 13, 2024
5 min read
Note: The script in this page was taken from this slack conversation: https://folio-project.slack.com/archives/CQ7EK52LB/p1712309129523099

 

In order to properly make API requests in postman and using the new RTR functionality you will need to do some environmental setup first. It may be easier to create a new Workspace and migrate your API calls to that instead of trying to modify your current workspace.

Create Environment

Environments are a very powerful tool. They allow you to switch settings, like the base url or user account settings for all of your API calls at once. I primarly use this to switch between test and production environments when working with APIs.

From scratch

  • Click on the “Environments” section; left hand toll bar. Select “Create Environment”.

  • Give your environment a name like “Bugfest”

  • In the table provided add the following environmental variables.

Variable

Type

Initial value

Variable

Type

Initial value

x-okapi-tenant

default

fs09000000

username

default

folio

password

secret

folio

baseUrl

default

https://okapi-bugfest-quesnelia.int.aws.folio.org

x-okapi-token

default

 

RTR-access-expiration

default

 

Note: If you create an other environments the Variable names must be the same.

Importing variables

  • Download the attached file.

  • Click on the “Environments” section; left hand toll bar.

  • Click on the “Import” button.

  • Drag and drop the downloaded file into the box provided.

  • The environmental variables will be imported under the name “Bugfest - Q”

Workspace and Authorization script

Manual setup

  • On the Collections section, click on the “+” icon to create a new “Blank collection”

  • Click on the “…” for this new collection and select “Edit”.

  • In the central pane click on the “Scripts” tab; select the “Pre-request” panel.

  • Past in the provided script in the text area provided.

  • Click on “Save”

 

What it does - The script pulls in the environmental variables that we created in the first section. It then before each request checks to see if a valid token is stored. if it is not it will use the provided username and password to get a new token an refresh token. It also handles refreshing the main token when it expires using the refresh token. This is all don in the background before your api call is made.

let path = pm.environment.get("baseUrl") + "/authn/login-with-expiry"; let cookieJar = pm.cookies.jar(); let xOkapiTenant = pm.environment.get("x-okapi-tenant"); pm.sendRequest({ url: path, method: 'POST', header: { 'Content-Type': 'application/json', 'Accept': 'application/json', 'x-okapi-tenant': xOkapiTenant }, body: { mode: 'raw', raw: JSON.stringify({ username: pm.environment.get("username"), password: pm.environment.get("password") }) } }, function (err, response) { // Fall back to authn/login if authn/login-with-expiry is not found if (response.code === 404) { path = pm.environment.get("baseUrl") + "/authn/login"; pm.sendRequest({ url: path, method: 'POST', header: { 'Content-Type': 'application/json', 'Accept': 'application/json', 'x-okapi-tenant': xOkapiTenant }, body: { mode: 'raw', raw: JSON.stringify({ username: pm.environment.get("username"), password: pm.environment.get("password") }) } }, function (err, fallbackResponse) { if (fallbackResponse) { let token = fallbackResponse.headers.get("x-okapi-token"); console.log(token); pm.environment.set("x-okapi-token", token); } }); } else { // Continue with the response from authn/login-with-expiry if (response) { let token = response.headers.get("x-okapi-token"); console.log(token); pm.environment.set("x-okapi-token", token); // Optionally set the token expiration if needed from the response pm.environment.set("RTR-access-expiration", response.json().accessTokenExpiration); } } });

Import Workspace

  • Download the attached file.

  • Click on the “Colelctions” section; left hand toll bar.

  • Click on the “Import” button.

  • Drag and drop the downloaded file into the box provided.

  • The collection “New Collection” will be added along with the authorization script and a example API call to pull all users.

 

Notes:

  • You must make sure to add all new API calls under the collection created in these instructions. The authentication script will only run for items in its collection. you can create sub folders to help organize you API calls.

  • Additional pages will be added on how to use variables as well as environments.