Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Add Collection Authorization type "Headers" #4044
This is an enhancement request to add a new Authorization type to the existing types available for a Collection: the new type might be called Headers or Custom Headers.
The idea being that you can add an arbitrary set of Header name/value pairs to be used as authorization tokens and added to each request.
Sometimes when you are developing you just need to add a set of headers (here for the purposes of authorization) to each request. The required header names might not conform to existing authorization standards.
Perhaps the downside of this enhancement is that by allowing any HTTP Header whatsoever, this functionality goes beyond that required for authorization, and could be used for example to add any set of custom headers to all requests in a collection. In this way it duplicates requests such as #1947 and #2692. But based on the current UI and features, the Authorization tab seems a reasonable place to expose this sort of feature.
1 similar comment
2 similar comments
+1 on this request. Unfortunately a lot of API implementations don't use a standard authentication token. I just pulled in a Swagger import of 500+ requests on a new project I'm working on and unfortunately will need to add the authorization header to every request, which is a major pain.
Don't mean to seem ungrateful though. Postman is the best!
I solved this problem for my own personal situation by utilizing jq.
By using the
I am certainly not a jq expert so any suggestions on improvements to this technique are welcome.
I should also mention that the
Any progress on this?
It's not too difficult to implement, but too important for users.
Minimal is simple authorization method: "Custom Header" with two fields: name and value. Value can have variable substitutions for convenience.
Much better is to implement "Custom Headers" as a collection of key/value pairs, as proposed in this issue.
Also, this feature covers almost any other authorization method automatically.
My login endpoint returns an object like
Token is the key used in every other request's Authorization header. It is short-lived (couple of hours).
So I made a "Test" in postman that reads and stores the token value into a global variable
Every other request is set up to have an Authorization header with the value...
I simply need to make sure I call the Login endpoint before I start working on the other routes.
Yes but the other issue mentioned above will address the custom header per collection problem. Postman said they will be releasing that “soon”. Andrew Gene Goodwin…
On Jan 21, 2019, at 2:43 PM, Bob Jackman ***@***.***> wrote: @AndrewGene I do basically this very same thing. It works, but the problem with it is that you have to ensure that every other call you make remembers to include this custom value. There's no way to "import" this value as a header on the collection itself. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.