If you’ve ever tested a login API and then copied the token manually to authenticate another request — you already know how repetitive that gets. PostScripts in Qodex.ai are built to make that problem disappear.

What Are PostScripts?

PostScripts are automation snippets that allow you to capture values from API responses and store them in variables — all in real-time, without writing complex code. They’re powerful because you can:
  • Automatically extract values like access tokens, user IDs, or emails
  • Store them in environment variables
  • Reuse them in subsequent API requests without manual copying

Why Are They Valuable?

Here’s what PostScripts unlock for developers:
  • Token Automation: Skip manual copy-paste — extract login tokens automatically
  • Multi-step Testing: Seamlessly test chained APIs like Login → Fetch Profile → Get Data
  • Clean Environments: No more hardcoded values; your environment stays dynamic
  • Less Error-Prone: Ensures consistency across APIs by using fresh response values
  • Great for CI/CD: Ideal for automated pipelines and QA where tokens must be fetched fresh every time

Example Use Case: Login → Get Organizations

Let’s say you’re testing an auth flow where:
  1. POST /sign_in returns a JWT token
  2. GET /organizations needs that token in the Authorization header

Step 1: Send Login Request

Call the login endpoint with user credentials. You’ll get a JSON like: 
{
  "message": "Login successful",
  "JWT": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Step 2: Save JWT Using a PostScript

Navigate to the PostScript tab for this request and enter: 
jwt_token = {{current_response_body.JWT}}
  • This takes the JWT field from the response
  • Saves it as a variable called jwt_token
  • Hit Send and the variable will be saved in the selected environment
Screenshot2025 07 18at17 20 39 Pn

Step 3: Check It’s Stored

Head to the Environment tab. You’ll now see: 
jwt_token = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Screenshot2025 07 18at17 23 44 Pn

Step 4: Use the Token in Another API

In your GET /organizations request, go to Headers: 
Authorization: Bearer {{jwt_token}}
Done! Your token flows directly from the login API to the protected endpoint.

Best Practices

  • Always wrap PostScript variables with
  • Only use keys from the actual response (check structure before using)
  • Avoid static text in PostScripts — they may break automation flows
  • Use clear variable names like auth_token, user_id, refresh_token, etc.