Run Postman Partner Scenarios

CONTENTS

• Prerequisite
• Folder-level Pre-request Script Run
• Folder-level Tests Run
• Run GET Case Request
• Run POST Case Request
• Run POST Note Request
• Run POST Contact Request
• Run PATCH Contact Request
• Run PATCH Partner Case References Request

PREREQUISITE

• Get started with Postman to Access MSaaS API.
• Gain some familiarity with Postman debugging tools ^optional.

FOLDER-LEVEL PRE-REQUEST SCRIPT RUN

❗️❗️**eval() is vulnerable to malicious scripts and should be avoided if possible.**❗️❗️

• Upon clicking Send button to run any one of the requests under the folder Partner Scenarios, the following script will be run behind the scene before the main request is actually sent. Note that false is passed as argument indicating it is NOT forcing token update.

  eval(pm.globals.get("validateAndUpdateToken"))(false);
  

• What this does is to
  1. Extract the serialized validateAndUpdateToken script (pseudocode below) stored in the Global variable under the same name,

  if NOT forcing update, bearer token present, and token expiration is more than 10 seconds from now:
      return
  else
      compile JsRsaSign script (stored in Global variable "020_JsRsaSign")
      draft jwt header and claims with auth end point, Client/APP ID, thumbprint, etc
      compute jwt signature with private key via JsRsaSign
      make request to Authorization Server endpoint for access token (Bearer Token)
      store access token in variable "100s_200s_BearerToken"
  

  2. Evaluate (compile and execute) the said script,
  3. Make preliminary validation on the access token, and
  4. Request for new access token if needed.

FOLDER-LEVEL TESTS RUN

📑The following HTTP 401 scenario is NOT expected to occur often. More like corner cases.📑

• Upon receiving response from any one of the requests under the folder Partner Scenarios, the following script will be run behind the scene.

  if (pm.response.code == 401) {
      eval(pm.globals.get("validateAndUpdateToken"))(true); // Forcibly/Unconditionally (hence "true" as argument) request a new token regardless if one is present.
      console.log("Access Token is being updated. Please try again the originally intended request.");
      return;
  }
  

• What this does is to do the following should the response code is HTTP 401 (Not Authorized):
  1. Extract and evaluate the same serialized validateAndUpdateToken script, and request new access token without first validating the existing one (by passing true argument for *forcibly updating token),
  2. Console-log the token update to notify user to re-run the same request.
• Notice that no Postman Test Scripts are found above. Although Tests tab is intended mainly for testing, it is NOT exclusively for testing. Tests tab is simply a placeholder for scripts to be run after return of main requests.

RUN GET CASE REQUEST

1. Launch Postman. If Postman sidebar does not already appear, click Hide Sidebar button at bottom left corner to toggle sidebar.

2. Click Collections tab.

3. Click Msaas API folder to show the content.

4. Click Partner Scenarios folder under Msaas API collection.

5. Multiple requests can be found with numbering and naming very similar with those in Field Mapping spreadsheet provided by Microsoft.

6. Click GET 200 v1 Get Case request.

7. Make sure 200 v1 Get Case request is in focus and Environment is set to Msaas Api DEV. Click Send button.

8. After getting response, verify response status/code is 200 OK and the case JSON appears in the response Body tab.

9. ^optional Alternatively, the case JSON can be found on Response Body of the request on Postman console as well. Just to make sure the Postman console has to be launched and ready prior to sending the request.

❗️❗️Parsing HTML by REGEX incurs security risk. Use as last resort on trusted source❗️❗️
10. ^optional Click Tests tab of main Postman app, case attribute parsing script can be found. The pseudocode outlines the high-levels.

if no JSON or JSON does not contain the case:
    log message and return

if no Partner Case References array in case JSON:
    log message and return (this array's absence likely indicates the invalidity of the entire case)
else:
    store user's own Partner Case References item ID in variable "110_PartnerCaseReferenceIdGuid"

if no default Customer item in case JSON:
    log message and return (default customer's absence likely indicates the invalidity of the entire case)
else:
    store default Customer ID in variable "140_DefaultCustomerIdGuid"

if no Contacts array in case JSON:
    log message and return
else:
    store newest Contact ID in variable "145_NewestContactIdGuid"

if no Notes array in case JSON:
    log message and return
else:
    print all notes and the newest note without HTML tags

11. ^optional As shown above, GET 200 v1 Get Case parses multiple crucial attributes useful for other scenarios. For example, the value stored in 110_PartnerCaseReferenceIdGuid can be utilized in the requests 110 P. Agent Assigned and xxx clase closed as part of the URL, and the value stored in 140_DefaultCustomerIdGuid can be utilized in the requests 140 Contact Create and 145 Contact Update as part of the URL.

RUN POST CASE REQUEST

1. Follow Run GET Case step 1-5.

2. Click 100 SandBox Create a Case request.

3. Make sure 100 SandBox Create a Case request is in focus, Environment is set to Msaas Api DEV, and the request Body tab contains valid case JSON. Click Send button.

4. ^optional In the case JSON in the request Body tab, multiple occurrences of {{xxx}} can be found. They are either Global/Environment variables or dynamic variables.

5. After getting response, verify response status/code is 201 Created and the new case number appears in the response Body tab.

6. ^optional Alternatively, the new case number can be found on Response Body of the request on Postman console as well. Just to make sure the Postman console has to be launched and ready prior to sending the request.

7. ^optional Click Tests tab of main Postman app, case number parsing script can be found. This is used to store the case number in variable "100s_200s_CaseNumber".

   pm.environment.set("100s_200s_CaseNumber", pm.response.json().CaseNumber);
   

RUN POST NOTE REQUEST

1. Follow Run GET Case step 1-5.

2. Click 120 Note Create request.

3. Make sure 120 Note Create request is in focus, Environment is set to Msaas Api DEV, and the request Body tab contains valid Note JSON. Click Send button.

4. After getting response, verify response status/code is 201 Created and the new note ID GUID appears in the response Body tab.

5. ^optional Click Pre-request Script tab, timestamp parsing script can be found (pseudocode below). This is used to store the the timestamp in variable "100s_200s_CurrentDateTime".

   get current datetime
   parse hour
   parse minute
   parse second
   parse year
   parse month
   parse day
   store timestamp in the format of yr/mo/day/hr/min/sec in in variable "100s_200s_CurrentDateTime"
   

RUN POST CONTACT REQUEST

1. Follow Run GET Case step 1-5.

2. Click 140 Contact Create request.

3. Make sure 140 Contact Create request is in focus, Environment is set to Msaas Api DEV, and the request Body tab contains valid Contact JSON. Click Send button.

4. After getting response, verify response status/code is 201 Created and the new contact ID GUID appears in the response Body tab.

5. ^optional If response status/code is 404 Not Found, one common reason may be that the value of variable {{140_DefaultCustomerIdGuid}} is not updated to match the Customer ID GUID of the target case. It is advisable to always run 200 v1 Get Case request before adding contact so that the Customer ID GUID may be updated programmatically, unless the user opt for manual update.

RUN PATCH CONTACT REQUEST

1. Follow Run GET Case step 1-5.

2. Click 145 Contact Update request.

3. Make sure 145 Contact Update request is in focus, Environment is set to Msaas Api DEV, and the request Body tab contains valid Contact JSON. Click Send button.

4. After getting response, verify response status/code is 204 No Content.

5. ^optional If response status/code is 404 Not Found, one common reason may be that the value of variable {{140_DefaultCustomerIdGuid}} and/or {{145_NewestContactIdGuid}} is not updated to match the those of the target case. It is advisable to always run 200 v1 Get Case request before modifying contact so that the Customer ID GUID may be updated programmatically, unless the user opt for manual update. Also note that {{145_NewestContactIdGuid}} points to the newest contact. Therefore, if update on older contact of the case is intended, please so modify manually.

RUN PATCH PARTNER CASE REFERENCES REQUEST

📑This section applies to both 110 P. Agent Assigned and xxx clase closed requests📑

1. Follow Run GET Case step 1-5.

2. Click 110 P. Agent Assigned or xxx clase closed request.

3. Make sure 110 P. Agent Assigned or xxx clase closed request is in focus, Environment is set to Msaas Api DEV, and the request Body tab contains valid PartnerCaseReferences JSON. Click Send button.

4. After getting response, verify response status/code is 204 No Content.

5. ^optional If response status/code is 404 Not Found, one common reason may be that the value of variable {{110_PartnerCaseReferenceIdGuid}} is not updated to match the those of the target case. It is advisable to always run 200 v1 Get Case request before adding contact so that the PartnerCaseReferences ID GUID may be updated programmatically, unless the user opt for manual update.