Show Authorization Header on documentation?

The majority of my requests require an Bearer token to be passed as part of the authorization header. At the moment, I have a script within my login request that stores this token as an environment variable, which I then use in my Authorization headers.

Within Postman, it shows it as a temporary header that is not stored with the request which is fine, but he problem is that in my documentation, there is no mention of the Authorization header anywhere:

image

Is there a way to include this as a header, even if it only shows the variable placeholder I am using? At the moment, since it’s not included in the documentation, nobody can figure out how to connect…

3 Likes

I have the same problem.
My authentication end point requires Basic Auth and all subsequent calls require Bearer tokens in the Authorization header.
Inside the Postman app, the code is generated correctly (adding the Authorization header). However, in the docs, the generated call looks very different and the Authorization header is missing entirely.
I would expect that both the docs and the app generate the same code for the same call.
Here’s an example of the difference in cURL:

App:

curl -X POST \
  https://api.newsletter2go.com/oauth/v2/token \
  -H 'Authorization: Basic somebase64authkey' \
  -H 'Cache-Control: no-cache' \
  -H 'Postman-Token: 7c81033b-d712-439a-bb6b-0ec551c98a09' \
  -H 'content-type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW' \
  -F grant_type=https://nl2go.com/jwt \
  -F username=some@credentials.tld \
  -F password=somepassword

Docs

curl --request POST \
  --url https://api.newsletter2go.com/oauth/v2/token \
  --header 'content-type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW' \
  --form grant_type=https://nl2go.com/jwt \
  --form 'username=some@credentials.tld' \
  --form 'password=somepassword'

I also wish Postman’s Documentation would show the Authorization header as specified in the Authorization section of the Postman app so that CURL and the other samples correctly show the need for the Authorization header.
A lock icon on the documentation is not sufficient.
I’ve also worked with the Swagger API tools and they allow you set the value of the Authorization header in the documentation so that the CURL and the other samples are then accurate.

However, I did manage to workaround this problem by not using the Authorization section of the Postman app and instead manually set the value in the Headers section:

  • key = Authorization
  • value = Bearer {{token}}

Once sync’d, the documentation and samples displayed an Authorization header with the value of the “token” variable properly resolved based on the selected Environment.