Issues with Inherited Auth

Hello -

I am new to postman, learning it for my job as a QA.

I am trying to create some basic tests where a “user” logs in to the site. I had the auth set up in the collection, and then had the requests set to inherit auth from parent, and it was working fine.

My boss pointed out that my login information was visible in the JSON and asked me if there was a way to hide or encrypt that information.

I started to poke around in variables (not sure if that was the right place, but it was where I started) and realized it wasn’t working, so deleted the variables.

Now all of my tests are broken, and where the “user” would be logged in before, now I can’t get Postman to recognize the auth and login.

Does anyone have any ideas about what could cause this?

I checked the JSON against the earlier code and it is exactly the same, so I have no idea what change could have prompted it to have broken.

Any help is greatly appreciated!

I’m having this same issue. Did you find a fix?

No, unfortunately I haven’t. And now whenever I start a new collection, the basic auth system isn’t working. When I first initiated my collection I had no issues with Auth and now it won’t work for me at all. I checked the initial code that worked, from when I sent it to my boss, and even that isn’t working if I import it into Postman. I have honestly no idea how to proceed. I planned on bringing it up to my team today to see if any of the developers could sit with me and see if they have any idea what I’m doing wrong. If you happen to find any solutions, I’d be more than happy to hear them! Sorry to hear you’re having this issue, it’s frustrating! I hope we figure it out :slight_smile:

I have a couple of developers on my team taking a look at the JSON file for me to see if they can make any heads or tails out of what the issue may be - if they make any headway I’ll post updates here.

Per my developer - the site I was trying to authenticate is using cookie-based authentication - which doesn’t work with Postman. I have no idea how it was working before but it should not have been, and per my developer makes sense that it is not working now. He recommended I try another testing tool, like Selenium, for my needs instead.

I’ve tried writing a pre-request script to set variables for the user id and password and use a file to set those collection variables. I can see the correct user credentials echoed back in my console - but still get 401.

I tried hard-coding the collection variables and got 401s that way. Fundamental issue seems to be using variable for authentication. When I don’t use a variable and just type the user id/password in it works ok.

I simply don’t get it - what is wrong with this?

Postman REALLY needs to explain use of authentication variables a LOT better.

Adding another pic (these forums only allow 1 image per post)

I was having the same issue.
In the Authorization tab for the request, it was set to “inherit auth from parent” but it was showing “This folder is using NO AUTH from collection”.

I tried changing the collection Auth to Basic Auth and it still didn’t change in the requests.

Turns out you have to SAVE the collection or folder edits before it will update in the children.

After the save, the children now show “Using Basic Auth from collection XXXX”.

1 Like

My question is - WHY DOESN"T THE DOCUMENTATION SAY THIS???