API request details

Configuring requests in the API Test Editor

You can use the Request details section of the API Test Editor to configure the details for each API request. At a minimum, a step in an API test will include the following:

  • HTTP method: GET, POST, PUT, PATCH, FETCH, DELETE, HEAD, or OPTIONS
  • URL: The URL is also known as an API endpoint. You can use mabl variable syntax to reference the base URL (api.url).
    • For example, if the base URL is https://example.com/api, and you want to make a GET request to https://example.com/api/users, you can write {{@api.url}}/users as the endpoint.
2390

The Request details panel

Depending on the data that you need to send with the request, you can also use the tabs listed below the URL input field: auth, params, headers, body, pre-request, and settings.

Auth

Supported authentication types include API key, basic auth, bearer token, and OAuth 1.0 If you need support for additional authentication types, please let us know via the mabl Product Portal.

📘

Flow-level auth settings

To apply the same auth to every request in an API test, open the flow-level settings modal in the API Test Editor and click on Auth tab.

Inherit auth from parent

Use this setting if you set authentication at the flow level and want to use those auth settings for this particular step.

No auth

If the test has flow-level auth settings and you want to send a request without those settings, use No auth.

API key

Enter the API key name and its value; then indicate whether it should be sent in the request header or as a query parameter.

1510

Example of a request using an API key

Basic auth

Enter the username and password to be sent with this request.

1510

Example of a request using basic auth

Bearer token

Enter the token in the input field. This authentication type sends a request header Authorization with a value Bearer <your_token_value>.

OAuth 1.0

Choose from a Signature Method and supply values as required by the API under test:

  • Consumer key
  • Consumer secret
  • Access token
  • Token secret

Click on the Add to dropdown to indicate where to send the details for OAuth 1.0: in the headers or in the URL. By default, OAuth 1.0 is sent in the headers.

Toggle on Show advanced settings to set additional values if needed, including the following:

  • Callback URL
  • Nonce
  • Realm
  • Timestamp
  • Verifier
  • Version
  • Add empty parameters to signature
  • Include body hash

Params

Query parameters are added in key-value pairs and get appended to the API URL.

Headers

Enter request headers as key-value pairs; add a description if desired.

Body

You can use the body field to add or update data in your request. Supported formats include raw text (text, JSON, XML, HTML), formdata, x-www-form-urlencoded, binary, and GraphQL.

Uploading files

File Uploads are supported for "formdata" and "binary" request types.

To upload a file within a formdata request type, click on "formdata" in the Body tab and then select "File" from the Type dropdown. You may upload a new file from your computer or choose an existing file from your workspace.

1456

Uploading a file in a formdata request body

To upload a file within a "binary" request type, select "binary" in the Body tab, then upload a local file or choose an existing file from your workspace.

1484

Uploading a file in a binary request body

Upon saving the test, any new files will be uploaded to the mabl cloud to enable cloud runs. You can manage file uploads in your workspace by going to the File Uploads page in the app: Configuration > File Uploads.

Pre-request script

JavaScript code that will run before the HTTP request is made, including support for JavaScript functions and libraries available in Postman.

📘

Flow-level script settings

To apply the same pre-request script to every request in an API test, open the flow-level settings modal in the API Test Editor and click on the Pre-request tab.

Settings

Key-value pair settings that will be applied to the HTTP request.

Disabling redirects

If you would like to disable redirection for 3xx responses, add the key "followRedirects" with a value of "false" in the Settings tab:

610

Disabling redirects in the Settings tab