Environment Variables and Scripts

Environment Variables & Pre‑request Scripts

Use Environment Variables and the Pre‑request Script to prepare requests dynamically (tokens, timestamps, base URLs) before sending.

Environment Variables

• Open: Edit → Environment Variables (Shortcut: Ctrl+E / Cmd+E).
• Purpose: Store key–value pairs such as BASE_URL, AUTH_TOKEN, TENANT, or any custom values.
• Scope: User‑level. Values persist across sessions.
• Typical uses:
  • Build URLs (e.g., different environments: dev/stage/prod).
  • Compose headers (e.g., Authorization tokens).
  • Provide defaults for parameters and body templates.

Pre‑request Script

• Location: In each request tab → “Pre‑request Script” tab.
• When it runs: Right before the request is sent.
• What it can do:
  • Read your environment variables.
  • Compute or transform values (e.g., current timestamp, HMAC signatures, dynamic IDs).
  • Set/override headers and parameters before the request goes out.

Common patterns

• Base URL + path: Keep BASE_URL in Environment Variables and join with endpoint paths in the URL field.
• Bearer tokens: Keep AUTH_TOKEN in Environment Variables, then apply to Authorization header via Pre‑request Script.
• Timestamps & nonces: Generate time‑based values in the Pre‑request Script and inject into headers or body.

Safety tips

• Never put secrets into project files; keep them in Environment Variables.
• Rotate tokens regularly and prefer short‑lived credentials.
• Consider using a system keychain/secret manager for long‑lived secrets; paste them only when needed.

Troubleshooting

• If a value isn’t applied:
  • Verify it exists in Environment Variables and there are no leading/trailing spaces.
  • Check that your Pre‑request Script tab is configured for the request you’re sending.
  • Try sending with the Debug Console visible (View → Show/Hide Debug Console) to inspect logs.