How do I verify if a request actually changed the data?

The skill includes patterns for connecting to the database via Docker to inspect table changes immediately after running a route test.

How does this skill handle authentication?

It uses a specialized script to fetch Keycloak tokens, sign them using project-specific secrets, and inject them into cookie headers for authenticated requests.

Can I use this for non-GET requests?

Yes, the skill provides specific patterns for POST, PUT, and DELETE operations, including JSON body formatting and multipart file uploads.

What should I do if I get a 401 Unauthorized error?

The skill provides a detailed debugging checklist to verify token expiration, cookie formats, JWT secret mismatches, and service connectivity.

Does this work in production environments?

While it can test routes, certain features like mock authentication are strictly restricted to development and test environments for security reasons.

Route Tester for Authenticated APIs

Name: Route Tester for Authenticated APIs
Author: Activer007

byActiver007

Security & Testing

Tests and validates authenticated API endpoints using cookie-based JWT authentication and automated testing scripts.

About

This skill streamlines the process of testing protected routes in backend services by automating the complexities of cookie-based JWT authentication. It provides standardized patterns for using the test-auth-route.js script to fetch Keycloak tokens, sign them, and execute authenticated GET, POST, PUT, and DELETE requests. Whether you are debugging 401/403 errors, verifying database changes after a request, or setting up mock authentication for rapid development, this skill ensures consistent and reliable API validation across multi-service architectures.

Key Features

Automated cookie-based JWT token generation and signing
Comprehensive debugging guides for common 401, 403, and 500 status codes
Standardized patterns for testing complex POST/PUT requests with JSON data
Development-mode mock authentication setup and bypass logic
Integrated database verification workflows for post-request validation
0 GitHub stars

Use Cases

Validating new API endpoints during backend development
Debugging authentication and authorization issues with Keycloak and JWTs
Testing complex workflow submissions and multi-step data operations

About

Key Features

Automated cookie-based JWT token generation and signing
Comprehensive debugging guides for common 401, 403, and 500 status codes
Standardized patterns for testing complex POST/PUT requests with JSON data
Development-mode mock authentication setup and bypass logic
Integrated database verification workflows for post-request validation
0 GitHub stars

Use Cases

Validating new API endpoints during backend development
Debugging authentication and authorization issues with Keycloak and JWTs
Testing complex workflow submissions and multi-step data operations