Skip to content

Postman Testing Guide

The repository includes a pre-configured Postman collection in /postman.

1. Import

  1. Open Postman.
  2. Click Import.
  3. Select postman/collection.json and postman/environment.json.

2. Environment Setup

Select the BacMR Local or BacMR Render environment. Update the following variables in the environment: - supabaseUrl - supabaseAnonKey - adminKey (matches ADMIN_API_KEY in your .env)

3. Getting a JWT

The collection includes a folder "Supabase Auth (External)". 1. Run the "Sign In with Email" request. 2. The Tests script will automatically save the access_token to the bacmr_jwt variable. 3. Subsequent requests (like /chat or /wallet/balance) will use this token automatically via the Bearer Token auth type.

4. Testing SSE (Streaming)

Postman handles SSE by displaying chunks as they arrive. - Open the "Chat (Streaming)" request. - Hit Send. - Watch the Body tab; you will see event: token and event: sources appearing in real-time.

5. Admin Authorization Testing

The backend now supports both x-admin-key and Supabase JWT roles.

A. Testing with X-Admin-Key (Deprecated)

  • Add Header: x-admin-key: {{adminKey}}
  • Used for POST /upload-curriculum and POST /scraping/{source}/sync.

B. Testing with Admin JWT

  • Ensure you signed in as a user with the admin role in Supabase.
  • Use Bearer Token auth with {{bacmr_jwt}}.
  • If the role is student, the API will return 403 Forbidden.
  • If the role is admin, it will return 200 OK.

Back to Index