API request details
Configuring requests in the API Test Editor
You can use the Request details section of the API Test Editor to configure the details for each API request. At a minimum, a step in an API test will include the following:
- HTTP method:
GET
,POST
,PUT
,PATCH
,FETCH
,DELETE
,HEAD
, orOPTIONS
- URL: The URL is also known as an API endpoint. You can use mabl variable syntax to reference the base URL (
api.url
).- For example, if the base URL is
https://example.com/api
, and you want to make a GET request tohttps://example.com/api/users
, you can write{{@api.url}}/users
as the endpoint.
- For example, if the base URL is

The Request details panel
Depending on the data that you need to send with the request, you can also use the tabs listed below the URL input field: auth, params, headers, body, pre-request, and settings.
Auth
Supported authentication types include API key, basic auth, bearer token, and OAuth 1.0 If you need support for additional authentication types, please let us know via the mabl Product Portal.
Flow-level auth settings
To apply the same auth to every request in an API test, open the flow-level settings modal in the API Test Editor and click on Auth tab.
Inherit auth from parent
Use this setting if you set authentication at the flow level and want to use those auth settings for this particular step.
No auth
If the test has flow-level auth settings and you want to send a request without those settings, use No auth.
API key
Enter the API key name and its value; then indicate whether it should be sent in the request header or as a query parameter.

Example of a request using an API key
Basic auth
Enter the username and password to be sent with this request.

Example of a request using basic auth
Bearer token
Enter the token in the input field. This authentication type sends a request header Authorization
with a value Bearer <your_token_value>
.
OAuth 1.0
Choose from a Signature Method and supply values as required by the API under test:
- Consumer key
- Consumer secret
- Access token
- Token secret
Click on the Add to dropdown to indicate where to send the details for OAuth 1.0: in the headers or in the URL. By default, OAuth 1.0 is sent in the headers.
Toggle on Show advanced settings to set additional values if needed, including the following:
- Callback URL
- Nonce
- Realm
- Timestamp
- Verifier
- Version
- Add empty parameters to signature
- Include body hash
Params
Query parameters are added in key-value pairs and get appended to the API URL.
Headers
Enter request headers as key-value pairs; add a description if desired.
Body
You can use the body field to add or update data in your request. Supported formats include raw text (text, JSON, XML, HTML), formdata, x-www-form-urlencoded, binary, and GraphQL.
Uploading files
File Uploads are supported for "formdata" and "binary" request types.
To upload a file within a formdata request type, click on "formdata" in the Body tab and then select "File" from the Type dropdown. You may upload a new file from your computer or choose an existing file from your workspace.

Uploading a file in a formdata request body
To upload a file within a "binary" request type, select "binary" in the Body tab, then upload a local file or choose an existing file from your workspace.

Uploading a file in a binary request body
Upon saving the test, any new files will be uploaded to the mabl cloud to enable cloud runs. You can manage file uploads in your workspace by going to the File Uploads page in the app: Configuration > File Uploads.
Pre-request script
JavaScript code that will run before the HTTP request is made, including support for JavaScript functions and libraries available in Postman.
Flow-level script settings
To apply the same pre-request script to every request in an API test, open the flow-level settings modal in the API Test Editor and click on the Pre-request tab.
Settings
Key-value pair settings that will be applied to the HTTP request.
Disabling redirects
If you would like to disable redirection for 3xx responses, add the key "followRedirects" with a value of "false" in the Settings tab:

Disabling redirects in the Settings tab
Updated 7 months ago