How to delete session cookie in Postman?

119
votes

I am testing my API in Postman and am having trouble simulating a log out.

If I do a call to delete the session cookie, postman request
the session cookie is still there afterwards, and I'm still able to access routes that require authentication.

The route handler on the server is:

  server.route({
    method: 'DELETE',
    path: '/sessions/_current',
    handler: function(req, reply){
      req.auth.session.clear();
      reply({}).code(204);
    }
  });

This is Node.js with Hapi but it shouldn't matter.

Is there a way to delete all the cookies in Postman or certain cookies manually?

12
postman

12 Answers

71
votes

Manually deleting it in the chrome browser removes the cookie from Postman.

In your chrome browser go to chrome://settings/cookies

Find the cookie and delete it

Edit: As per Max890 comment below (in my version of Google Chrome (ver 63)) this is now chrome://settings/content/cookies Then go to "See all cookies and site data"

Update for Google Chrome 79.0.3945.88

chrome://settings/siteData?search=cookies

134
votes

Postman 4.0.5 has a feature named Manage Cookies located below the Send button which manages the cookies separately from Chrome it seems.

enter image description here

15
votes

As @markus said use the "Cookie Manager" and delete the cookie. enter image description here

If you want to learn how to set destroy cookies in postman, You should check the Postman Echo service https://docs.postman-echo.com/

There you will find complete explanation on how to Set, Get and Delete those cookies.

Check it on : https://docs.postman-echo.com/#3de3b135-b3cc-3a68-ba27-b6d373e03c8c

Give it a Try.

12
votes

Note that this answer applies only to the standalone Postman UI and not the Postman app/add-on for Chrome.

How to clear the cache in Postman (so that you are required to log in again when requesting a token, for example):

  • navigate to View: Show DevTools
  • navigate to the Application tab, then the Clear Storage view in the left menu
  • deselect all choices except Cache Storage, then click on ‘Clear site data’
  • restart Postman
  • you should now be prompted to log in again when requesting a new token
9
votes

In the Native Postman app there is "Cookie manager", so that is not a problem at all,

But in the Postman extension for Chrome there is not

So the solution is just in the installing native Postman

Postman for Linux, Mac & Windows

6
votes

Is the Postman Interceptor enabled? Toggling it will route all requests and responses through the Chrome browser.

Interceptor - https://www.getpostman.com/docs/capture Cookies documentation - http://blog.getpostman.com/index.php/2014/11/28/using-the-interceptor-to-read-and-write-cookies/

2
votes

new version of postman app has the ability to do that programmatically in pre-request or tests scripts since 2019/08

see more examples here: Delete cookies programmatically · Issue #3312 · postmanlabs/postman-app-support

clear all cookies

const jar = pm.cookies.jar();

jar.clear(pm.request.url, function (error) {
  // error - <Error>
});

get all cookies

const jar = pm.cookies.jar();

jar.getAll('http://example.com', function (error, cookies) {
  // error - <Error>
  // cookies - <PostmanCookieList>
  // PostmanCookieList: https://www.postmanlabs.com/postman-collection/CookieList.html
});

get specific cookie

const jar = pm.cookies.jar();

jar.get('http://example.com', 'token', function (error, value) {
  // error - <Error>
  // value - <String>
});
0
votes

into Chrome, right click -> Inspect Element. Go to the tab active tracking of resources and if you have not already. Now the left hand sidebar thingy down until you see "Cookies", click below your domain name and to remove a cookie just right-click on it and "Delete"

0
votes

You can use the Postman interceptor.That you can add into the chrome extension by this link:https://chrome.google.com/webstore/detail/postman-interceptor/aicmkgpgakddgnaphhhpliifpcfhicfo

This helps you send requests which use browser cookies through the Postman app. It can also send headers which are normally restricted by Chrome but are critical for testing APIs.

And also you can enable by interceptor which is there beside the orange sync icon And also you can enable by interceptor which is there beside the orange sync icon.

0
votes

I tried clearing the chrome cookies to get rid of postman cookies, as one of the answers given here. But it didn't work for me. I checked my postman version, found that it's an old version 5.5.4. So I just tried a Postman update to its latest version 7.3.4. Cool, the issue fixed !!

0
votes

I think the response of aaron can be enhanced for URL that contains variables:

var sdk = require('postman-collection');      

const testURL=pm.environment.values.substitute(pm.request.url, null, false);

const objURL=new sdk.Url(testURL);

console.log("clearing cookies for: "+testURL);

const jar = pm.cookies.jar();

jar.clear(objURL, function (error) {
  // error - <Error>
  if(error)
  console.log("Error clearing cookies: "+error);
});
-1
votes

Have you tried Clear Cache extension? Give it a try. It clears app cache, downloads, file systems, form data, history, local storage, passwords and much more, available in the Options settings.

Update: try this answer https://superuser.com/a/232794

I'm not sure of a way to do this in Postman. I used to close the whole browser and reset the server in order to authenticate again. Never tested logout because it was an API service.