API testing tools
The purpose of this page is to show how to configure several of the most popular API testing tools in order to make calls to Tachyon Consumer API.
This page will not recommend a particular tool nor will it discuss differences between versions of each tool.
Postman
Version 7.36.5 was used in this guide.
Turn off SSL certificate validation
Open Settings and on "General" tab turn off "SSL certificate cerification".
Setting the X-Tachyon-Consumer header field
This header fields needs to be set on the "Headers" tab ofeach request.
Configuring Credentials
On authorization tab, you should pick "NTLM Authentication (Beta)" and fill your credentials. You can use Username, Password and Domain or write your user name in domain\username format into the Username field.
Gotchas
Postman caches credentials from successful API calls. This means that you can make an API calls that will succed and then make a subsequent call with different credentials and even though these new credentials should make the call fail, it succeeds. This is due to credentials caching present in Postman.
Fiddler
Version 5.0 was used in this guide.
Enabling Windows Authentication
To turn on Windows Authentication, you should switch to "Composer", then in the "Options" tab, tick "Automatically Authenticate". This will make Fiddler use Windows Credentials of the user running it in all API calls, so there's no need to explicitly input credentials.
Setting the X-Tachyon-Consumer header field
Header fields can be set in "Composer" view.
Insomnia
Version 2020.4-2 was used in this guide.
Setting the X-Tachyon-Consumer header field
You can set the header on the "Header" tab.
Configuring Credentials
You should change the authentication method to NTLM, set username in domain name \ user name format and provide a password.
