Trying to use 'Postman' and having trouble setting Basic access authentication Headers

Question

I have an API endpoint that I am trying to test with the google app: 'Postman'. I need to set the headers which use 'Basic authentication'. I am not sure what should go in 'Header: Value'

This is how the admin said the headers should be set: "The head value is the word 'Basic' followed by your org name and your Api key separated by a colon and base64 encoded."

I have tried numerous things but I am not getting it quite right. The error I get is "Message: Token not set".

Could you provide the specific link where it says so? Your description is kind of ambiguous. — MinusFour, Aug 22 '15 at 15:04
The admins response was in an email. That is exactly what he said when I asked how to set the headers. But this is the API I am trying to work with: http://apidoc.submittable.com/ I am using POSTMAN to test it but the goal is to make a request with a Node.js app.Oh and he also provided a link to this wiki article: https://en.m.wikipedia.org/wiki/Basic_access_authentication — fresh5447, Aug 22 '15 at 15:12
It sounds like it should be something like this: Header: Authorization Value: Basic my-org-name 123key4api — fresh5447, Aug 22 '15 at 15:19
Just check this [Postman documentation](https://www.getpostman.com/docs/postman/sending_api_requests/authorization) on how to insert the basic authentication — marcelosalloum, Jan 04 '18 at 01:11

score 74 · Accepted Answer · answered Aug 22 '15 at 15:28

74

Your header field should look like this:

Header : Authorization

Value : Basic base64('YourOrgName:YourAPIKEY');

You can get the base64 value of your string here:

https://www.base64encode.org/

For example, for my-org-name:123key4api it should be bXktb3JnLW5hbWU6MTIza2V5NGFwaQ==.

The complete header would look like:

Authorization: Basic bXktb3JnLW5hbWU6MTIza2V5NGFwaQ==

answered Aug 22 '15 at 15:28

MinusFour

13,913
3
30
39

1

Thanks @MinusFour that makes sense to me. I still can't get it to work though!! Going a little crazy I emailed the admin again to see if I am messing up some syntax somewhere. It should be very straightforward hence the frustration. – fresh5447 Aug 22 '15 at 15:48
The documentation you linked specified something else though. It says there to use the Access Token as the `username` (the first part before the colon) but doesn't specify what to use as password. – MinusFour Aug 22 '15 at 15:55
I replaced myOrgName with MyEmailAddress and got it working. Thank you so much for your help. This was a frustrating venture indeed. – fresh5447 Aug 22 '15 at 17:01
It looks like, that the latest version of Postman (5.1.2) doesn't support the base64(); encoding command in value fields? – patrickS Aug 01 '17 at 05:50
@patrickS, as it is written in my post I did not meant it to be some sort of function for postman. What I meant by it is that it's supposed to be replaced by the base64 value of the string `YourOrgName:YourAPIKEY`. That's why I gave out an extra source where you can convert it. – MinusFour Aug 01 '17 at 11:54

Naveen · Answer 2 · 2018-05-27T15:14:48.983

Looks like you are facing trouble in getting the base64 value. Well you can make use of in-built function in Javscript as below.

Simply run below code in any JS runtime, (Simplest would be - open console tab in chrome developer tool)

"username:password!" // Here I used basic Auth string format

// Encode the plain string to base64
btoa("username:password!"); // output: "dXNlcm5hbWU6cGFzc3dvcmQh"


// Decode the base64 to plain string
atob("dXNlcm5hbWU6cGFzc3dvcmQh"); // output: "username:password!"

score 12 · Answer 3 · answered Jan 05 '19 at 06:54

12

It's 2019 and with Version 6.5.3 we have a separate tab to use different kind of Authentication techniques.

For basic auth you just have to give username and password after selecting "Basic Auth" under Authentication tab

answered Jan 05 '19 at 06:54

Amit Patel

15,609
18
68
106

Didn't work for me! It generated a different/wrong token! So I manually I copied the token that python (requests.auth.HTTPBasicAuth) generated into the headers section – MCH Jan 14 '19 at 00:51
may be, you need different encoding. may be, python uses UTF8 one. – dollar2048 Jan 29 '19 at 08:35
Great answer for 2020, works for Base64 encode – majurageerthan Dec 14 '20 at 07:00

score 5 · Answer 4 · answered May 18 '18 at 21:14

Putting it all together in a pre-request script (and then use the access_token for oauth).

    var Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(e){var t="";var n,r,i,s,o,u,a;var f=0;e=Base64._utf8_encode(e);while(f<e.length){n=e.charCodeAt(f++);r=e.charCodeAt(f++);i=e.charCodeAt(f++);s=n>>2;o=(n&3)<<4|r>>4;u=(r&15)<<2|i>>6;a=i&63;if(isNaN(r)){u=a=64}else if(isNaN(i)){a=64}t=t+this._keyStr.charAt(s)+this._keyStr.charAt(o)+this._keyStr.charAt(u)+this._keyStr.charAt(a)}return t},decode:function(e){var t="";var n,r,i;var s,o,u,a;var f=0;e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");while(f<e.length){s=this._keyStr.indexOf(e.charAt(f++));o=this._keyStr.indexOf(e.charAt(f++));u=this._keyStr.indexOf(e.charAt(f++));a=this._keyStr.indexOf(e.charAt(f++));n=s<<2|o>>4;r=(o&15)<<4|u>>2;i=(u&3)<<6|a;t=t+String.fromCharCode(n);if(u!=64){t=t+String.fromCharCode(r)}if(a!=64){t=t+String.fromCharCode(i)}}t=Base64._utf8_decode(t);return t},_utf8_encode:function(e){e=e.replace(/\r\n/g,"\n");var t="";for(var n=0;n<e.length;n++){var r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r)}else if(r>127&&r<2048){t+=String.fromCharCode(r>>6|192);t+=String.fromCharCode(r&63|128)}else{t+=String.fromCharCode(r>>12|224);t+=String.fromCharCode(r>>6&63|128);t+=String.fromCharCode(r&63|128)}}return t},_utf8_decode:function(e){var t="";var n=0;var r=c1=c2=0;while(n<e.length){r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r);n++}else if(r>191&&r<224){c2=e.charCodeAt(n+1);t+=String.fromCharCode((r&31)<<6|c2&63);n+=2}else{c2=e.charCodeAt(n+1);c3=e.charCodeAt(n+2);t+=String.fromCharCode((r&15)<<12|(c2&63)<<6|c3&63);n+=3}}return t}};

    var userPass = pm.environment.get("oauth_key") + ':' + pm.environment.get("oauth_secret")

    pm.sendRequest({
          url:  pm.environment.get("basepath")+"/oauthpreview/token", 
          method: 'POST',
          header: {
            'Accept': 'application/json',
            'cache-control':"no-cache",
            'Authorization' : 'Basic ' + Base64.encode(userPass),
            'Content-Type': 'application/x-www-form-urlencoded'
          },
          body: {
              mode: 'urlencoded',
              urlencoded: [
                {key: "grant_type", value: "client_credentials", disabled: false}
            ]
          }
      }, function (err, res) {
            pm.environment.set("access_token", res.json().access_token);
      })

This is nice, trying to use part of your code, but not working. Where did you get the Base64 code from? — rafa.ferreira, Nov 15 '19 at 10:49

Trying to use 'Postman' and having trouble setting Basic access authentication Headers

4 Answers4

Linked