Request with API Keys hitting Karate Mock Server - Returning 403 Forbidden

Question

I could not find a similar question, but I might have missed.

Anyways, I have an application, were one of the downstream calls builds the request with API keys (recent update).

We have this specific downstream call pointed to the karate mock server and the karate mock server is just set up to listen for the path and confirm that it is a 'POST' being called to return a response.

We have confirmed in POSTMAN that when we do not have the API keys and call the karate mock server (with the same downstream request that is created in the application), the karate mock server returns the response correctly, but when we add the API keys to the header of the request, the karate mock server returns a 403 forbidden.

I was thinking that the mock server would just ignore the api keys being sent in the request since we do not have it set up in the mockServerPath.feature to listen or care for these keys but only check for the path and that it is a POST, but it does not seem to like the API keys...

Answer 1

This must be a simple misconfiguration, Karate mocks just take the incoming request and applies the Scenario expressions from top to bottom and stops when it finds the first one that returns true.

Maybe all the expressions you have are too "strict" and none of them "matched" when the extra header appeared. Or maybe the shape of the URL changed, just look carefully and you should figure this out.