See what makes Kong the fastest, most-adopted API gateway
Check out the latest Kong feature releases and updates
Single platform for SaaS end-to-end connectivity
Enterprise service mesh based on Kuma and Envoy
Collaborative API design platform
How to Scale High-Performance APIs and Microservices
Call for speakers & sponsors, Kong API Summit 2023!
3 MIN READ
When testing APIs, software engineers often repeat identical values across multiple requests, but who wants to waste time typing the same values every time?
Insomnia’s environment variables solve this problem by allowing you to define a value once as an environment variable and reference that value wherever it’s needed. Insomnia also enables you to override certain variables using sub-environments or folder environments. Standard variables are base URLs, authentication tokens and resource IDs, but you can create any variables that help you save time.
Eventually, you’ll run into a request that requires some form of authentication. The issue with storing passwords in plain text is that anyone can read them.
This issue prompted the community to question how to avoid plain-text passwords in the “Manage Environments” section of Insomnia. Thanks to a combination of community contributions and Insomnia features, you can easily avoid this situation through various options:
The easiest solution is to use private environments. A private environment will never be exported or synced. However, it will still be in plain text, so it doesn’t completely solve the issue at hand, but I wanted to point out that it is available.
My preferred option would be using env files. An Insomnia plugin created by community member Edirin made this possible. Huge thanks to him for creating this Insomnia Plugin – dotenv that makes it tenfold easier to use env files in environments.
To use Edirin’s creation:
The alternative, and perhaps easier, installation method is to visit the plugin hub and click the “Install in Core” button on the top right.
After installing the dotenv plugin:
Opender took it one step further by utilizing the Insomnia Plugin – dotenv alongside sub environments.
This is handy for collaboration. The environment variable setup is shared (in the base environment). Still, each collaborator provides the specific keys from a file on their file-system, which is never synced or exported.
The results of this collaboration to avoid plain-text passwords in Insomnia demonstrate two things:
The combination of these two created a fantastic new plugin and excellent use case. I’d like to make one last shout out to Alex for kicking it off in the following GitHub issue. We’re all a little better at protecting our plain-text passwords now, thanks to you.
You can explore the other 250+ Insomnia plugins available on the Plugin Hub. There are tons of excellent open source plugins. If you can’t find something you need, Insomnia has documentation to help you create your own.
Check out our recent blog post for even more Insomnia tips: Service Design Guidelines with OpenAPI and Kong
Share Post
Try out Insomnia for Teams
Start Free Trial