Retrieve cookies from HTTP response header using Postman

Scenario

We aim to make a GET API call to the customer database to validate user details and retrieve the session token, authentication token, and other related tokens as cookies from the server. These cookies are returned in the response header and are essential for including in the request header to call other APIs for further actions.

Approach to test via Postman

Approach 1: Manual Method

1. Create an HTTP request: In Postman, create a GET API call to the customer database.

2. Send the Request: Execute the request to validate the customer details and receive cookies in response header.

3. Copy Cookies: Manually copy the values of the ‘Set-Cookie’ headers and form a string separated by semi-colon

SESSION_TOKEN=S29t8YgTQkvvbsZKxGpgBzqXUSMP3jgYAcfdPr98xBBUjxnpm8mTyZpmQEuSgmXXzFPyzfKNM5bUmVHbgxXdxyV8QM4KFkTF8raE;at=ff79b451332a420da473d93d00d0ac4e;tkt=1b5f3f4788a74af29b7d47c85ecf6806;

4. Create Another Request: Formulate another GET API request to fetch detailed account information. Add a 'Cookie' header to the request and set it with the previously generated string.

5. Send the Request: Execute the request to retrieve detailed account information of the user.

This manual approach is cumbersome because we first need to send the createSession request, manually copying the cookies from the response header, combining and including them in the subsequent requests.

Approach 2: Automated Method

Let’s look into the better approach and take the advantage of Postman’s scripting capabilities to automate the retrieval of cookies from the response header. The script combines these cookies into a string separated by a semi-colon and stores it in a global, collection, or environment variable.

The script extracts extracts all the response headers, filters for headers where the key is 'Set-Cookie', retrieves their values, combines these values into a single string separated by a semi-colon, and stores it in an environment variable.

var setCookieHeaders = pm.response.headers.all().filter(header => header.key === 'Set-Cookie').map(header => header.value).join('; ');
pm.environment.set('sessionCookies', setCookieHeaders);

Now the ‘sessionCookies’ environment variable can be used in the subsequent requests.

Set ‘Cookie’ header in the request of accounts API using ‘sessionCookies’ environment variable

Conclusion

In conclusion, retrieving cookies from an HTTP response header using Postman can be efficiently managed by leveraging Postman's scripting capabilities. While the manual approach of copying cookies from the response header and including them in subsequent requests is straightforward, it can be cumbersome and error-prone. By utilizing Postman's Scripts tab, you can automate the process of extracting, combining, and storing cookies in environment variables, streamlining your workflow and reducing the potential for mistakes. This method not only saves time but also enhances the accuracy and reliability of your API testing and interactions.