API Testing Challenges 31 - How To - forbidden secret note 403
How to complete the unauthorized secret note challenge, which returns a status code of 403 Forbidden.
Issue a GET request on the `/secret/note` end point and receive 403 when `X-AUTH-TOKEN` does not match a valid token
The `X-CHALLENGER` header authenticates you to access a specific set of secret notes, and the `X-AUTH-TOKEN` authorizes you to gain access.
- `GET` request means use the HTTP Verb GET
- e.g. `GET /secret/note` sends to the secret note endpoint
- `X-AUTH-TOKEN` means include a header named `X-AUTH-TOKEN` in the message. The `X-` implies it is a non-standard custom header
- `does not match a valid token` means that the value in the header should be different from the value returned from the `secret/token` endpoint
- add the `X-CHALLENGER` header to track progress and because the authentication code we need is asociated with the `X-challenger` session
- Receive a 403 FORBIDDEN response because the authorization token does not match the token required to access the data
Find the application links and more information at:
- https://eviltester.com/apichallenges
Write up of this challenge instructions:
- https://eviltester.com/apichallenges/howto/31-secret-note-forbidden-403
---
Remember to subscribe to this YouTube channel.
You can support me on Patreon https://patreon.com/eviltester (watch my videos ad free and receive extra content)
I blog at https://eviltester.com/blog
Learn more about my books and online training at:
- https://eviltester.com
Follow me on:
- https://twitter.com/eviltester
- https://instagram.com/eviltester
- https://facebook.com/eviltester
Видео API Testing Challenges 31 - How To - forbidden secret note 403 канала EvilTester - Software Testing
Issue a GET request on the `/secret/note` end point and receive 403 when `X-AUTH-TOKEN` does not match a valid token
The `X-CHALLENGER` header authenticates you to access a specific set of secret notes, and the `X-AUTH-TOKEN` authorizes you to gain access.
- `GET` request means use the HTTP Verb GET
- e.g. `GET /secret/note` sends to the secret note endpoint
- `X-AUTH-TOKEN` means include a header named `X-AUTH-TOKEN` in the message. The `X-` implies it is a non-standard custom header
- `does not match a valid token` means that the value in the header should be different from the value returned from the `secret/token` endpoint
- add the `X-CHALLENGER` header to track progress and because the authentication code we need is asociated with the `X-challenger` session
- Receive a 403 FORBIDDEN response because the authorization token does not match the token required to access the data
Find the application links and more information at:
- https://eviltester.com/apichallenges
Write up of this challenge instructions:
- https://eviltester.com/apichallenges/howto/31-secret-note-forbidden-403
---
Remember to subscribe to this YouTube channel.
You can support me on Patreon https://patreon.com/eviltester (watch my videos ad free and receive extra content)
I blog at https://eviltester.com/blog
Learn more about my books and online training at:
- https://eviltester.com
Follow me on:
- https://twitter.com/eviltester
- https://instagram.com/eviltester
- https://facebook.com/eviltester
Видео API Testing Challenges 31 - How To - forbidden secret note 403 канала EvilTester - Software Testing
Показать
Комментарии отсутствуют
Информация о видео
24 июля 2021 г. 21:29:05
00:02:00
Другие видео канала
API Challenges Simulation Walkthrough using PostmanAPI Testing Challenges 33 - How To - GET authorized secret note 200API Challenges - POST Challenger 201 DebriefAPI Testing Challenges 30 - How To - basic authentication passed 201Automating Tic Tac Toe JavaScript Game from Browser ConsoleExploratory Testing Government Style - The Evil Tester Show PodcastJava For Testers, learn to code differentlyIntroducing The Observatron a new Exploratory Testing Screenshot taking toolTopics for Free Selenium WebinarsEpisode 007 - Finding Tools Special 2019 - The Evil Tester ShowCommonsense Agile - an Agile Coach and Mentor Explains Agile Testing and DevelopmentHow to Use Console 2Selenium WebDriver Sporting Event TributeAPI Testing Challenge 16 - How To - GET todos any 200Which test entities help testing - Test cases, scripts, conditions or scenarios?Overview of the Tools For Selenium WebDriver InstallA short overview of the Postman REST API GUI ClientAutomating Tactically vs Strategically SauceCon 2020 Preview15 Minute Speedrun Install Of Selenium WebDriver With Java And Maven For Windows XPAn essential aspect of Exploratory Testing is the Debrief #ShortsIntroduction to the Java IDEs for Selenium Webdriver