- add this to your .env
SESSION_DOMAIN=yourdomain.com
SANCTUM_STATEFUL_DOMAINS=yourdomain.com
SESSION_SECURE_COOKIE=false
- then add your domain to cookie section of postman
- then
- then hit add domain
- after that you can [optional] add your postman envirement variables
- then with a simple post request scripting you can save the xsrf-token cookie value
- as a postman envirement variable like this
- don't worry I won't make you type it out:
pm.test("Setting xsrf_token env vairable", function () {
let cookie = pm.response.cookies.get('XSRF-TOKEN');
if(cookie) pm.environment.set('xsrf-token',cookie);
else {
let header = pm.response.headers.find(h => h.key == 'Set-Cookie' && h.value.startsWith('XSRF-TOKEN'));
cookie = header?.value.substring(header?.value.indexOf("=") + 1, header?.value.indexOf("%3D"));
pm.environment.set('xsrf-token',cookie);
}
});
this should work ,at least it works for me, I hope it helps you, peace out!