I am new to SOAPUI and API testing. I would like to try API testing. However, I have struggled with csrf token issues.
Basically, I want to test the web app which is frontend Angular web app with xsrf token. Whenever I try to Get XSRF token generate and the token generate dynamically(every time change.). I have researched and come up with the approach below.
1. Post request (log in)
2. Get access token and transfer to next step
3. Get response.
However, I have no ideas that how to input ID and Password then Get dynamic token and transfer to next steps.
Can you share some idea?
Thanks in advance.
I have a similar issue. I am trying to do some API testing too. Please let me know if you got this issue resolved. I am using ReadyAPI 2.2.0
Can you show the response and the values that you want to transfer to a following request?
The documentation includes an example using property transfers
Hi sorry for late reply.
I tried to follow the link, but it was not quite good to me.
our application using Gem "ng-rails-csrf". Any idea of a deal with it?
You probably need to add header/s.to your request.
Do you know the required header name and values that should be transferred?
Some similar examples here
Yes Whenever I do request or something, the XSRF-Token value is dynamically changed in each time.
I am struggling with to transfer XSRF-Token value to next steps.
Anyways to catch the dynamic values?
On the Response Headers tab is there a header named "x-csrf-token" or similar?
Step 2 from the example in the link above uses a groovy script step to transfer the header value to a test case property.
Then in Step 3 use that value for the next request header.
Is that the value you need to transfer?
This is an old thread, but I have a similar issue. So I want to know if anyone has a good answer to this question.
I am working on a project using Collibra REST APIs. The POST /auth/sessions request will only return a csrfToken with random value. I am not sure how this token is used for other methods. I have enable the option "Maintain HTTP session". I am not sure if the cookie is going to help with anything. When I try to do something, for example, POST /domains to create a new domain object, it consumes the body but there is no header required. Any idea?
I did ask the question in the Collibra community. No helpful answer is provided because the APIs are working fine with the Swagger UI that they offer. I just can't get it to work in the ReadyAPI.
I got it resolved. I am using 2.3.0 ReadyAPI with a licensed Soap UI.
If I run the tests from the beginning to the end, it works fine. If I want to test each request independently, then it will have issue.