Request works in Postman and fails in Newman with Auth token cookie

[dduford01]

I have an auth token in a cookie that I created. When I run the tests in Postman GUI they all pass, but when I run them through Newman I get a Status Code 200 on every test.

Newman Version: 3.8.2 OS details: Windows 8.1 and 10 Are you using Newman as a library, or via the CLI? : Using as a command prompt Did you encounter this recently, or has this bug always been there: I encountered this recently. Expected behaviour: All the tests which runs on Postman should possibly run in newman as well. Command: newman run API.json -e API_Env.json -g globals.json --delay-request 1000

Screen postman:

Screen Newman:

[prakharjoshi]

@dduford01 First of all I am little confused with when I run them through Newman I get a Status Code 200 on every test. Can you confirm that and also can you share the collection, environment and globals that you are passing to run that collection through Newman (Feel free to exclude the sensitive information).

[dduford01]

Oops sorry I meant to say on Newman I get a status code of 401 Unauthorized. I will try to get the collection, environment and global, but I believe everything about them would be sensitive information.

[prakharjoshi]

@dduford01 Okay I need to clear one more thing here, you are passing cookies or tokens for authentication? and how are you passing them?

[dduford01]

I have a cookie with a auth code in it. I created this cookie with the Postman GUI. I manually replace the auth code in this cookie to refresh it. As of now are authentication setup won't work with standard authentications, which is why I have to create the cookie manually.
I validated that the cookie is in the postman collection file that I use, this the correct auth code. I don't do anything specific to pass the cookie.

[dduford01]

Modified Example of cookie: WEB_UI_FORMS=FF3DA56936721EDC814D15F7F083C7B76DETG200D0CC6F3E310288AD685B43298267032C118CFF56ADBE27B64E8E7222C33FCB15A8CDD3514165F1AF68061EA962779F82FFB993614B0BB43F305AFE9DC321C3C8724D6BD2C3E7CA0C6F8DBDF0AE78A1C13035AD8374GH657FJ; path=/; domain=myDomain; HttpOnly; Expires=Tue, 19 Jan 2038 03:14:07 GMT;

[prakharjoshi]

@dduford01 You are passing env variables and Global variables, so can you once confirm that you are extracting access_token from correct variable scope (environment/globals)?

Also, can you try it with latest Newman version?

[dduford01]

Let me clarify. I am not extracting the access token from the cookie. I manually put the access token in the cookie, and the cookie should be passed for authentication. This works in Postman GUI, but not in Newman using the exact same tests on the same machine.

[prakharjoshi]

@dduford01 As you mentioned earlier I don't do anything specific to pass the cookie, so right now you have set the cookies through Postman GUI and run the collection through postman runner and it worked fine because you have set the cookies there for that domain.

When you run the collection with Newman, the cookies that you have set through Postman GUI are not available during Newman run, so right now there is no way to provide cookies through CLI options for Newman run. In future, we can provide a CLI option to pass cookies for the Newman run.

[dduford01]

@prakharjoshi This does clear up the reason for my tests failing in Newman run, since the auth is passed in the cookie and since Newman does not pass cookies. Thanks you for your time.

[GrogyLbn]

hello,

Any news on this issue ? I have the problem, on call to auth et get the cookie, after with newman always 401, but it work with postman.

Can we get cookie for a firts requset and send it to another ?

Regards Gregory

[splitt3r]

The ASP.NET SessionId Cookie seems to work without problem but setting the Auth Cookie via Set-Cookie: ... Header does not.

Any idea how to fix that?

Looks quite like #242 but i´m on the 4 beta 2 version and it doesn´t work.

[dduford01]

I have been checking on this every once in a while and it has been saying 'Feature Request' since I put in this issue. I don't think it is going to be an option any time soon, but there is always hope it will.

[kunagpal]

@dduford01 @GrogyLbn @splitt3r One workaround here is to explicitly set the value of the Set-Cookie header to an environment variable and reference that environment variable in the Cookie header of subsequent requests.

[splitt3r]

I will give that a try :+1:

Perhaps this will help someone 😄 (Based on https://github.com/postmanlabs/newman/issues/1241#issuecomment-360250795):

const cookies = pm.response.headers.all().filter(headerObj => headerObj.key === 'Set-Cookie').map(headerObj => headerObj.value);
pm.environment.set('cookies', cookies.join(';'));

And after that setting the Cookie Header to {{cookies}} value for subsequent requests.

[vikrambisht02]

Hi All,

Similar issue I am getting in API (AccessToken Method) execution using newman command prompt. This request is a POST action for getting access token.When trying from newman command prompt,its not able to read the raw body data and returning bad request(400).But it works fine in Postman. .

Is there any way to add raw body content to URI.?

The raw-body contains below artifacts: grant_type:"", client_id:"", client_secret:"", resource:"", username:"", password:""

Thanks & Regards, Vikram

[kristrt]

Hello, Anyone here able to help me on Newman API Automation, I am trying to find how to Run collection without using stored cookies in newman

-- Thanks, Kris

[RavenHursT]

So am I correct in assuming that the only way to persist client-side cookies between requests/tests in newman is to somehow read Set-Cookie headers after each requests, and if there's cookies, store them in an environment variable? Then, on subsequent requests, read the cookies from the environment variable, and then set each request's Cookie header accordingly?

I'm curious why https://github.com/postmanlabs/newman/pull/561 being merged doesn't just "automagically" handle this now for us, as the browser cookie-store in the Postman app does?

[jasonbarr]

Hey guys,

I'm doing this to get the value I need:

var header_string = postman.getResponseHeader('Set-Cookie');
console.log(header_string);
pm.environment.set(`tracking_code`, header_string.substr(8, 48));
console.log(pm.environment.get(`tracking_code`));

But in the newman console I see that 'tracking_code' is 'undefined' and isn't being passed to the following request (where I'm calling it):

→ get shared lists fix_wip
  GET https://integration-api.... [200 OK, 564B, 411ms]
  ┌
   │ undefined
  └
  1⠄ TypeError in test-script

→ list checkout
  ┌
   │ ''
  └

Any ideas?

[coditva]

@jasonbarr Seems like the undefined printed is from console.log(header_string) and then the script errors out because of unsafe access. The header_string is undefined when there is no set-cookie header. Try this:

var header_string = postman.getResponseHeader('Set-Cookie');
console.log(header_string);

if (typeof header_string === 'string') {
    pm.environment.set(`tracking_code`, header_string.substr(8, 48));
}

console.log(pm.environment.get(`tracking_code`));

[soujanya1511]

Hi All,

Trying to automate GraphQL API from POSTMAN.Using bearer token(from header and authorization)the collections run succesfully on POSTMAN UI but same exported JSON collection fails with NewMan from cmd (same m/c)with 401 unauthorized error.Below pic FYI

Please suggest what could be the problem and how to fix it...Thank you!

[Varsha-Rajput]

Hi @soujanya1511 did you find any solution for your problem. I am facing the same issue with my Graphql Requests.

[hector-del-rio]

Same issue here. @soujanya1511 did you ever find out the solution to this problem?

[rustam-umarov]

It’s been 7 years since this was requested. Are we still on track to add this feature?

[mig5]

I had a similar issue with a prerequest task that obtained an OAuth bearer token and used it in other tests as a variable.

Things I observed:

1) The first test that passed that variable as the Bearer token, always failed, but only in newman, not Postman 2) It seemed to be passing the bearer token as a literal string, e.g if my variable was called {{OAUTH_BEARER_TOKEN}}, my application was seeing {{OAUTH_BEARER_TOKEN}} as the literal value, not the token itself. 3) The next test immediately after, which sends the exact same variable, works fine.

I worked around it by making my first test send a 'dummy' string as the token, and deliberately designed my test to make sure my app failed the request because the token was invalid (that's a good test to have, anyway!). Then I found that my 'next' test (which was my original first test) worked just fine in newman, as did all the others.

Hope that helps track down the issue (if indeed it's related)