Testing Your Backend

When your frontend makes a request to your backend, it includes an access token. But, what if we don’t have a frontend yet? Or what if we want to test our backend independently from our frontend?

The following guide will walk you through how to use and test the PropelAuth backend libraries in isolation from your frontend.

Getting an Access Token Without a Frontend

There are a few different ways that you can get started with initializing this process, but they all boil down to creating an Access Token for use in your testing.

With our frontend libraries, you can get an access token and send them to the backend via an Authorization header. We do also have an endpoint on our backend libraries that can create an access token for one of your users with a configurable expiration time.

To create this token, you could use the command line, which might look something like:

curl --location --request POST '{AUTH_URL}/api/backend/v1/access_token' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {PROPELAUTH_API_KEY}' \
--data '{
    "user_id": "{USER_ID}",
    "duration_in_minutes": 1440

You could also use something like the Python interpreter and one of our Python libraries:

╰─ python
>>> from propelauth_py import init_base_auth
>>> auth = init_base_auth("YOUR_AUTH_URL", "YOUR_API_KEY")
>>> auth.create_access_token("USER_ID", "DURATION_IN_MINUTES")

You could even create a test endpoint on your backend to call through either curl or a program like Postman

app.get('/generate-access-token', async (req, res) => {
	let token = await createAccessToken({
		userId: "9ea9de86-bf30-4162-a791-8cb64639a4ba",
		durationInMinutes: 30

You can also download our Postman Collection to quickly test out the Create Access Token endpoint, as well our other backend APIs.

No matter the method you choose, each will return an access token that you can use in testing your authorized endpoints.

Testing in Postman

Now that you have an access token returned, how can you test out your backend using Postman, as an example?

To start, let’s say I have an Express server with the following endpoint:

app.get('/whoami', requireUser, (req, res) => {
  res.json({user: req.user});

Once I run my backend locally, I can make make a request to this endpoint as long as I pass in the access token that I created previously under the Authorization tab on the request.

postman request

Then, if everything is running correctly, it’s returned as if my user made the request:

postman response

Testing with FastAPI

If you are using a framework like FastAPI, which has built in OpenAPI docs, you can use the access token directly in their UI.

fastapi openapi docs

By using the Authorize button on the right, you can pass in the access token directly, and test your endpoints from here:

fastapi openapi auth

If you have any further questions about testing your backend, please do not hesitate to reach out to support@propelauth.com!