Postman Collections & Environments
Postman is the world's most popular API testing platform — used by 30 million developers and testers. Beyond being an HTTP client, Postman enables you to organize requests into collections, manage test environments (staging vs production), chain requests (use login token in subsequent calls), and write test assertions in JavaScript. These features make Postman the essential API testing tool for every SDET.
Postman Organization and Environment Variables
- Collections: Group related API requests together (e.g., 'User API', 'Order API')
- Folders within Collections: Organize by resource or workflow (e.g., 'Auth', 'Create User', 'Update User')
- Environments: Named sets of variables for different deployment targets (Local, Staging, Production)
- Environment Variables: {{base_url}}, {{auth_token}}, {{user_id}} — replace hardcoded values in requests
- Collection Variables: Variables scoped to a collection (shared across all requests in the collection)
- Global Variables: Available in all collections (use sparingly)
- Pre-Request Scripts: JavaScript that runs BEFORE the request (e.g., generate dynamic data, refresh token)
- Test Scripts: JavaScript that runs AFTER the request (assertions, extracting values for next requests)
Postman Environment Setup and Variable Chaining
// ══════════════════════════════════════════════════════════════
// ENVIRONMENT SETUP
// ══════════════════════════════════════════════════════════════
// Staging Environment:
// base_url: https://staging.myapp.com
// admin_email: admin@test.com
// admin_password: Admin@1234
// auth_token: (empty — filled by login request)
// user_id: (empty — filled by create user request)
// Production Environment:
// base_url: https://api.myapp.com
// admin_email: admin@prod.com
// admin_password: (set via Postman Vault — never hardcoded)
// auth_token: (empty)
// IN REQUESTS: Use {{variable_name}} syntax
// URL: {{base_url}}/api/users/{{user_id}}
// Header: Authorization: Bearer {{auth_token}}
// Body: { "email": "{{admin_email}}", "password": "{{admin_password}}" }
// ══════════════════════════════════════════════════════════════
// REQUEST CHAINING — Extract token from login, use in next request
// ══════════════════════════════════════════════════════════════
// 1. Login request — Test Script (runs after response received):
pm.test("Login successful", function() {
pm.response.to.have.status(200);
});
// Extract token and save to environment variable
const response = pm.response.json();
pm.environment.set("auth_token", response.token);
pm.environment.set("user_id", response.user.id);
// Now {{auth_token}} is available in ALL subsequent requests in this collection run
// 2. Get User Profile request (uses token from step 1):
// URL: {{base_url}}/api/users/{{user_id}}
// Header: Authorization: Bearer {{auth_token}}
// 3. Update Profile request (uses user_id from step 1):
// URL: {{base_url}}/api/users/{{user_id}}
// Method: PATCH
// Body: { "name": "Alice Updated", "phone": "+1234567890" }
// ── PRE-REQUEST SCRIPT: Generate dynamic test data ────────────
// Run before POST /api/users (create new user):
const timestamp = Date.now();
pm.environment.set("test_email", "testuser_" + timestamp + "@test.com");
pm.environment.set("test_name", "Test User " + timestamp);
// Now body can use: { "email": "{{test_email}}", "name": "{{test_name}}" }
// This ensures each test run creates a UNIQUE user (avoids duplicate email errors)Common Mistakes
- Hardcoding URLs in every request — use {{base_url}} environment variable; allows switching from staging to production with one click
- Storing sensitive credentials in collection variables — use Postman Vault (secret type) for passwords and API keys; never commit plain text secrets
- Not using pre-request scripts for dynamic data — static test data like hardcoded emails cause 'already exists' errors on repeat runs
- Running requests without an active environment — '{{base_url}}' evaluates to '{{base_url}}' literally if no environment is selected; always select your environment
Tip
Tip
Practice Postman Collections Environments in small, isolated examples before integrating into larger projects. Breaking concepts into small experiments builds genuine understanding faster than reading alone.
Playwright rising fast — modern API, auto-waits, all browsers
Practice Task
Note
Practice Task — (1) Write a working example of Postman Collections Environments from scratch without looking at notes. (2) Modify it to handle an edge case (empty input, null value, or error state). (3) Share your solution in the Priygop community for feedback.
Quick Quiz
Common Mistake
Warning
A common mistake with Postman Collections Environments is skipping edge case testing — empty inputs, null values, and unexpected data types. Always validate boundary conditions to write robust, production-ready software testing code.
Key Takeaways
- Postman is the world's most popular API testing platform — used by 30 million developers and testers.
- Collections: Group related API requests together (e.g., 'User API', 'Order API')
- Folders within Collections: Organize by resource or workflow (e.g., 'Auth', 'Create User', 'Update User')
- Environments: Named sets of variables for different deployment targets (Local, Staging, Production)