Links

Execute

After determining that an endpoint is eligible for a YAML Test, it is forwarded to the execution step. This section is used to describe actions/modifications to achieve the desired test request body.

Syntax

Execute operators can be of the following types -
Operator
Description
add_body_param
Add a new key/value pair in the request payload at the root
modify_body_param
Modify value of an existing key in the request payload at any position. If the key is missing, executor engine ignores the step and moves on to next operation
delete_body_param
Delete an existing key in the request payload at any position. If the key is missing, executor engine ignores the step and moves on to next operation
replace_body
Replace the entire request body with the supplied input
add_header
Add a new key/value pair in the request headers
modify_header
Modify value of an existing header key in the request headers. If the header key is missing, executor engine ignores the step and moves on to next operation
delete_header
Delete an existing header key in the request headers. If the header key is missing, executor engine ignores the step and moves on to next operation
add_query_param
Add a new key/value pair in the query params
modify_query_param
Modify value of an existing key in the query params. If the key is missing, executor engine ignores the step and moves on to next operation
delete_query_param
Delete an existing key in the query params. If the key is missing, executor engine ignores the step and moves on to next operation
modify_url
Modify url to desired value. Supports entire url replacement, as well as replacing just a substring
modify_method
Modify http method to desired method value
remove_auth_header
Remove Auth Headers in the request headers. If auth headers are missing, this operation throws an error and aborts the test for the endpoint
follow_redirect
Specify whether the test attempt should follow redirect or not. By default follow redirect is set to $true$

add_body_param

Used for adding a new key/value pair in the request payload at the root. This takes 2 params, key and value.
Example 1
Original request body of the endpoint you are trying to test:
Original request body
{
"user": "John Doe",
"email": "[email protected]"
}
Let’s say we want to add key (”status”) with value → “admin”
Sample Yaml to modify request body
Sample yaml to modify request
execute:
add_body_param:
status: admin
Modified request body of the endpoint you are trying to test:
Modified request body
{
"user": "John Doe",
"email": "[email protected]",on
"status": "admin"
}

modify_body_param

Used for modifying value of an existing key in the request payload at any position. If the key is missing, executor engine ignores the step and moves on to next operation. This takes 2 params, key and value.
Example 1
Original request body of the endpoint you are trying to test:
Original request body
{
"user": "John Doe",
"email": "[email protected]"
}
Let’s say we want to modify key (”user”) with value → “admin”
Sample Yaml to modify request body
Sample yaml to modify body
execute:
type: single
requests:
- req:
- modify_body_param:
user: admin
Modified request body of the endpoint you are trying to test:
Modified request body
{
"user": "admin",
"email": "[email protected]"
}

delete_body_param

Used for deleting an existing key in the request payload at any position. If the key is missing, executor engine ignores the step and moves on to next operation. This takes single param, key.
Example 1
Original request body of the endpoint you are trying to test:
original body request
{
"user": "John Doe",
"email": "[email protected]"
"isActive": false
}
Let’s say we want to remove key (”isActive”)
Sample Yaml to modify request body
Sample yaml to modify body
execute:
type: single
requests:
- req:
- delete_body_param: isActive
Modified request body of the endpoint you are trying to test:
Modified request body
{
"user": "admin",
"email": "[email protected]"
}

replace_body

Used for replacing the entire request body with the supplied input. This takes 1 param, new payload.
Original request body of the endpoint you are trying to test:
original req body
{
"user": "John Doe",
"email": "[email protected]",
"isActive": false
}
Let’s say we want to replace the above payload with below new payload
new payload
{
"id": 5,
"admin": true
}
Sample Yaml to modify request body
Modified request body
execute:
type: single
requests:
- req:
- replace_body: '{"id": 5, "admin": true}'

add_header

Used for adding a new key/value pair in the request headers. This takes 2 params, key and value.
Example 1
original header of the endpoint you are trying to test:
original API header
Content-Type: application/json
Authorization: <Bearer-Token>
Let’s say we want to add a new header (”Host”) with value → “xyz.evil.com”
Sample Yaml to modify request header
Sample yaml to modify header
execute:
type: single
requests:
- req:
- add_header:
Host: xyz.evil.com
Modified request header of the endpoint you are trying to test:
modified header
Content-Type: application/json
Authorization: <Bearer-Token>
Host: xyz.evil.com

modify_header

Used for modifying value of an existing header key in the request headers. If the header key is missing, executor engine ignores the step and moves on to next operation. This takes 2 params, key and value.
Example
original header of the endpoint you are trying to test:
Content-Type: application/json
Authorization: <Bearer-Token>
Let’s say we want to modify key (”Authorization”) with a different user token value →
Sample Yaml to modify request header
jsexecute:
type: single
requests:
- req:
- modify_header:
Authorization: <Bearer-Token2>
Modified request header of the endpoint you are trying to test:
Content-Type: application/json
Authorization: <Bearer-Token2>

delete_header

Used for deleting an existing header key in the request headers. If the header key is missing, executor engine ignores the step and moves on to next operation. This takes a single param, key.
Example 1
original header of the endpoint you are trying to test:
Content-Type: application/json
Authorization: <Bearer-Token>
Let’s say we want to modify key (”Authorization”) with a different user token value →
Sample Yaml to delete request header
execute:
type: single
requests:
- req:
- delete_header: Authorization
Modified request header of the endpoint you are trying to test:
Content-Type: application/json

add_query_param

Used for adding a new key/value pair in the query params. This takes 2 params, key and value.
Example 1
original url of the endpoint you are trying to test:
http://xyz.com?user=1
Let’s say we want to add a new query param (”admin”) with value → true
Sample Yaml to add query params
execute:
type: single
requests:
- req:
- add_query_param:
admin: true
New query params in the url of the endpoint you are trying to test:
http://xyz.com?user=1&admin=true

modify_query_param

Used for modifying value of an existing key in the query params. If the key is missing, executor engine ignores the step and moves on to next operation. This takes 2 params, key and value.
Example 1
original url of the endpoint you are trying to test:
http://xyz.com?user=1
Let’s say we want to modify query param (”user”) with value → 4
Sample Yaml to modify query params
execute:
type: single
requests:
- req:
- modify_query_param:
user: 4
modified query params in the url of the endpoint you are trying to test:
http://xyz.com?user=4

delete_query_param

Used for deleting an existing key in the query params. If the key is missing, executor engine ignores the step and moves on to next operation. This takes single params, key.
Example 1
original url of the endpoint you are trying to test:
http://xyz.com?user=1&active=true
Let’s say we want to delete query param (”active”)
Sample Yaml to modify query params
execute:
type: single
requests:
- req:
- delete_query_param: active
modified query params in the url of the endpoint you are trying to test:
http://xyz.com?user=1

modify_url

Used for modifying url to desired value. Supports entire url replacement, as well as replacing just a substring.
Example 1 for replacing entire url
original url of the endpoint you are trying to test:
http://xyz.com/api/v1/user
Let’s say you want to replace this with the below url -
http://xyz.evil.com/api/v2/users
Sample Yaml to modify url
execute:
type: single
requests:
- req:
- modify_url: http://xyz.evil.com/api/v2/users
Example 2 for replacing part of the url
original url of the endpoint you are trying to test:
http://xyz.com/api/v2/user
Let’s say i just want to replace v2 with v1 in the above url -
Sample Yaml to modify url
execute:
type: single
requests:
- req:
- modify_url:
regex_replace:
regex: v[\d+]/
replace_with: v1/
👉🏻 **In simple language:** The above yaml syntax is modifying request url by replacing specified regex string match with v1/
modified url of the endpoint you are trying to test:
http://xyz.com/api/v1/user

modify_method

Used for modifying http method to desired method value. This takes a single param, new method value.
Example 1
original url of the endpoint you are trying to test:
POST http://xyz.com/api/v1/user
Let’s say we want to modify method value to PUT
Sample Yaml to modify method
execute:
type: single
requests:
- req:
- modify_method: PUT
modified url of the endpoint you are trying to test:
PUT http://xyz.com/api/v1/user

remove_auth_header

Used for Removing Auth Headers in the request headers. If auth headers are missing, this operation throws an error and aborts the test for the endpoint. (Refer to Auth section for better understanding on how auth headers are picked by yaml execution engine.)
Example 1
original headers of the endpoint you are trying to test:
Content-Type: application/json
Authorization: <Bearer-Token>
Let’s say we want to remove the auth header for the test request(in this case auth header is - “Authorization”). Prerequisite: the auth has to be configured in auth types in the dashboard for the below execute section to identify authorization key.
Sample Yaml to remove auth headers
execute:
type: single
requests:
- req:
- remove_auth_header: true
modified headers of the endpoint you are trying to test:
Content-Type: application/json

follow_redirect

Used for specifying whether the test attempt should follow redirect or not, in case the response received if of redirect type. By default follow redirect is set to true. This takes a single boolean argument(true/false)
Sample Yaml ****For Disabling Redirect
execute:
type: single
requests:
- req:
- follow_redirect: false

Combining multiple conditions in Execute

Let’s see a few examples on how we can combine multiple execution operations into a test -
Example 1
Scenario -
  1. 1.
    add body_param (”status”) with value → “admin” in request payload
  2. 2.
    modify Request Method To Post
  3. 3.
    delete QueryParam with key (”userId”)

Sample Yaml -

execute:
type: single
requests:
- req:
- add_body_param:
status: admin
- modify_method: POST
- delete_query_param: userId
Example 2
Scenario -
  1. 1.
    delete auth header from request
  2. 2.
    add Header (”origin”) with value → xyz.evil.com
Sample Yaml -
auth:
authenticated: true
execute:
type: single
requests:
- req:
- delete_auth_header: true
- add_header:
origin: xyz.evil.com
- delete_query_param: userId