Postman and RTR setup
Note: The script in this page was taken from this slack conversation: https://folio-project.slack.com/archives/CQ7EK52LB/p1712309129523099
In order to properly make API requests in postman and using the new RTR functionality you will need to do some environmental setup first. It may be easier to create a new Workspace and migrate your API calls to that instead of trying to modify your current workspace.
Create Environment
Environments are a very powerful tool. They allow you to switch settings, like the base url or user account settings for all of your API calls at once. I primarly use this to switch between test and production environments when working with APIs.
From scratch
Click on the “Environments” section; left hand toll bar. Select “Create Environment”.
Give your environment a name like “Bugfest”
In the table provided add the following environmental variables.
Variable | Type | Initial value |
---|---|---|
x-okapi-tenant | default | fs09000000 |
username | default | folio |
password | secret | folio |
baseUrl | default | https://okapi-bugfest-quesnelia.int.aws.folio.org |
x-okapi-token | default |
|
RTR-access-expiration | default |
|
Note: If you create an other environments the Variable names must be the same.
Importing variables
Download the attached file.
Click on the “Environments” section; left hand toll bar.
Click on the “Import” button.
Drag and drop the downloaded file into the box provided.
The environmental variables will be imported under the name “Bugfest - Q”
Workspace and Authorization script
Manual setup
On the Collections section, click on the “+” icon to create a new “Blank collection”
Click on the “…” for this new collection and select “Edit”.
In the central pane click on the “Scripts” tab; select the “Pre-request” panel.
Past in the provided script in the text area provided.
Click on “Save”
What it does - The script pulls in the environmental variables that we created in the first section. It then before each request checks to see if a valid token is stored. if it is not it will use the provided username and password to get a new token an refresh token. It also handles refreshing the main token when it expires using the refresh token. This is all don in the background before your api call is made.
let path = pm.environment.get("baseUrl") + "/authn/login-with-expiry";
let cookieJar = pm.cookies.jar();
let xOkapiTenant = pm.environment.get("x-okapi-tenant");
pm.sendRequest({
url: path,
method: 'POST',
header: {
'Content-Type': 'application/json',
'Accept': 'application/json',
'x-okapi-tenant': xOkapiTenant
},
body: {
mode: 'raw',
raw: JSON.stringify({
username: pm.environment.get("username"),
password: pm.environment.get("password")
})
}
}, function (err, response) {
// Fall back to authn/login if authn/login-with-expiry is not found
if (response.code === 404) {
path = pm.environment.get("baseUrl") + "/authn/login";
pm.sendRequest({
url: path,
method: 'POST',
header: {
'Content-Type': 'application/json',
'Accept': 'application/json',
'x-okapi-tenant': xOkapiTenant
},
body: {
mode: 'raw',
raw: JSON.stringify({
username: pm.environment.get("username"),
password: pm.environment.get("password")
})
}
}, function (err, fallbackResponse) {
if (fallbackResponse) {
let token = fallbackResponse.headers.get("x-okapi-token");
console.log(token);
pm.environment.set("x-okapi-token", token);
}
});
} else {
// Continue with the response from authn/login-with-expiry
if (response) {
let token = response.headers.get("x-okapi-token");
console.log(token);
pm.environment.set("x-okapi-token", token);
// Optionally set the token expiration if needed from the response
pm.environment.set("RTR-access-expiration", response.json().accessTokenExpiration);
}
}
});
Import Workspace
Download the attached file.
Click on the “Colelctions” section; left hand toll bar.
Click on the “Import” button.
Drag and drop the downloaded file into the box provided.
The collection “New Collection” will be added along with the authorization script and a example API call to pull all users.
Notes:
You must make sure to add all new API calls under the collection created in these instructions. The authentication script will only run for items in its collection. you can create sub folders to help organize you API calls.
Additional pages will be added on how to use variables as well as environments.