[SOLVED] Help needed with this one API test that's been driving me up the wall

Aaah I messaged you @maaike.brinkhof on racket but I’ll write it here also for the rest.
I don’t know why your environment variables are not persistent or what you are doing to them but…:

So eventually you’ll want to run these tests within a CI/CD pipeline + you don’t really want hard-coded passwords in any script or variables or even in version control.

For example Azure DevOps:

  • Create 2 pipeline variables Password1 (current) and Password2 (new password)
    **(set them as a Secret also!)
  • Start the pipeline and generate a new password (GUID or something) and set it to Password2
  • Run your first test with current password as Password1 and change your users new password as Password2

** your tests run **

  • If your test has passed, set Password2 as Password1 (which is the currentpassword of your user)

On your next run you’ll create again a new password for Password2, etcetc.
From a security standpoint this is also a nicer way of working since even you will never know what the password is and there is no hard-coded passwords in Git or anything.

This is our current setup :stuck_out_tongue:


Others options:

  • You could also make an SMTP request in JavaScript in order to test your create user flow also and you can run your test in isolation each time.
  • Are collection variables an option?
  • Can you reset password?
1 Like