I’m having issues with tests synced with endpoints that use inherited auth.
Scenario:
1 - Defined a security Scheme (oath 2.0)
2 - Used the security scheme on folder located under root on Endpoints
3 - mark all endpoints under folder to inherit the auth from parent folder
I can generate tokens under security scheme and when I run the request directly under endpoints.
But when I run my test which are synced with my endpoints the request doesn’t have the authorization header.
If I change the test to not sync with endpoint and define the scope, clientId and secret on tests, the test gets the auth header added.
The interesting part is that I have multiple endpoints underneath the folder and a few off them (which I did not update the test recently) are getting the authorization header while the ones updated recently don’t work.
is there anything in particular that you are looking for here on the screenshots?
It is very sensitive information to share. Maybe you have a shared project that uses oath 2.0 that I can clone and see if I can reproduce it?
here is what I was able to reproduce today: strangely it only happens with requests inside the test that I have recently updated, but older requests on the same test have the header included:
I was able to make one of them to have the bearer token added again after multiple times changing between sync with endpoint and manual and also by changing auth from use Parent to manual.
I wanted to highlight that this issue only appears under test, but on APIs the exact same endpoint works fine with inheritance turned ON.
Hello, I’ve created a project to try reproducing your scenario but couldn’t replicate it. I’m inviting you to join the project where you can modify the content to help reproduce this issue:
melo has invited you to join project test1 on Apidog: Apidog
Apparently, the issue happens after switching from automated sync mode to manual generate a token, or manipulate the existing token (change it to empty) then switch back to automated sync with endpoint. Even if the UI shows that a token is valid and not expired, the system still using the invalid or non existing token from manual edition.
