DEV Community

Discussion on: Introduction to ASP.NET Core Integration Testing

Collapse
luridsnk profile image
Filippenko Kirill

Good post. But how would you test authorized endpoints?

Collapse
kaos profile image
Kai Oswald Author

This depends on the authorization methods used to protect those endpoints.

For example if you use JWT you could generate your token in the TestInitialize and set the Authorization header on the client.

I'm planning on doing another post going into more detail.

Collapse
luridsnk profile image
Filippenko Kirill • Edited on

Good point.
But if you're ought to create and API for SPA, you'd probably consider not only 'header' implementation.
For those reasons I personally prefer to send JWT in HttpOnly cookie. Could you please cover this case as well?

Thread Thread
kaos profile image
Kai Oswald Author